326 matches found
Unbreakable Enterprise kernel security update
5.4.17-2136.357.3.1 - KVM: x86: Fix shadow paging use-after-free due to unexpected role Paolo Bonzini Orabug: 39673892 - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN Sean Christopherson Orabug: 39673892 - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only pare...
Linux Distros Unpatched Vulnerability : CVE-2026-52965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by...
Linux Distros Unpatched Vulnerability : CVE-2026-52949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure to...
CVE-2026-52949
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem. Specifically, within the ttmboshrink function, a backup failure could lead to an infinite Least Recently Used LRU walk. This issue may allow a local attacker to trigger a Denial of Service DoS, making the system...
CVE-2026-53277
CVE-2026-53277 – Linux kernel (arm64 KVM) : A flaw where certain page-table walk operations (walk_s1 and kvm_walk_nested_s2) did not acquire the Sleepable RCU lock (SRCU) via kvm->srcu, risking memslot changes and potential instability during fault injection and Address Translation emulation. ...
CVE-2026-53138
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...
Linux Distros Unpatched Vulnerability : CVE-2026-52963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using...
EUVD-2026-38908
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...
CVE-2026-53040 ocfs2: validate bg_bits during freefrag scan
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...
CVE-2026-52965
The CVE-2026-52965 entry pertains to the Linux kernel DRM/TTM path and fixes an infinite LRU walk during swapout. Specifically, when ttm_tt_swapout() fails, the code previously added the resource to bulk_move and then moved it to the LRU tail, which could place it ahead of the hitch and cause lis...
CVE-2026-52949
The CVE-2026-52949 entry affects the Linux kernel DRM/TTM subsystem, specifically the ttm_bo_shrink() path. It describes an infinite LRU walk on backup failure that is fixed by applying the same remedy used for ttm_bo_swapout() (prevents the infinite LRU walk on swapout failure). The patch also c...
SUSE-SU-2026:22467-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...
SUSE-SU-2026:22463-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...
PT-2026-51859
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a failure in ttm tt swapout can lead to an infinite loop during the LRU Least Recently Used list walk. This occurs because ttm resource mov...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ACPICA: The error code path in acpidscallcontrolmethod has been fixed. A use-after-free occurs in acpipsParseAML after a failed invocation of acpidscallcontrolmethod. This issue was reported by KASAN1. Code inspection reveals tha...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksm: The range-walk function is used to bypass holes in scangetnextrmapitem. Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable pages. This approach becomes highly inefficient when scanning large...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in mediapipelinestart The graph walk attempts to follow all links, even if they are not between pads. This can cause a crash, especially with a link of type MEDIALNKFLANCILLARYLINK. This issue has been...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not trigger BUGON due to ENOMEM from btrfslookupextentinfo in walkdownproc. We have properly handled errors here. ENOMEM is not fatal; we return the error instead...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the “block” section, it is no longer allowed for the same type of “rqqos” to be added more than once. In our testing of “iocost”, we encountered some corruption in the “innerwalk” list during the execution of “ioc timerfn”. Th...
PT-2026-49610
On Xtensa targets with CONFIG USERSPACE and CONFIG XTENSA MMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensa domain list, of active memory domains using a list node embedded inside the caller-owned struct k mem domain. When a domain is destroyed via k mem domain...