UBUNTU-CVE-2026-46085

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARNONONCE so that it can't be remotely trigger...

EUVD-2026-32468

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARNONONCE so that it can't be remotely trigger...

CVE-2026-43346

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF adapter-ctrlpf is never...

CVE-2026-31567

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Drop spurious WARNON from pmrestoregfpmask Commit 35e4a69b2003f "PM: sleep: Allow pmrestrictgfpmask stacking" introduced refcount-based GFP mask management that warns when pmrestoregfpmask is called with savedgfpcount ...

CVE-2025-40353

CVE-2025-40353 concerns the Linux kernel on ARM64. The issue is in copy_highpage() for MTE-tagged pages: the function assumed a newly allocated destination page is not MTE-tagged, but due to a migration flow, a second copy can occur to the same destination after __folio_migrate_mapping() fails, t...

CVE-2025-40353 arm64: mte: Do not warn if the page is already tagged in copy_highpage()

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copyhighpage The arm64 copyhighpage assumes that the destination page is newly allocated and not MTE-tagged PGmtetagged unset and warns accordingly. However, following comm...

CVE-2025-39803 scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl()

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARNONONCE call from ufshcduiccmdcompl The UIC completion interrupt may be disabled while an UIC command is being processed. When the UIC completion interrupt is reenabled, an UIC interrupt is triggered an...

CVE-2025-38638

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6rtnotify inet6rtnotify can be called under RCU protection only. This means the route could be changed concurrently and rt6fillnode could return -EMSGSIZE. Re-size the skb when this happens and retry...

UBUNTU-CVE-2025-37839

In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb-ssequence check Journal emptiness is not determined by sb-ssequence == 0 but rather by sb-sstart == 0 which is set a few lines above. Furthermore 0 is a valid transaction ID so the check can spuriously...

AZL-55343 CVE-2024-56783 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

CVE-2024-26617

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

kernel: ext4: silence the warning when evicting inode with dioread_nolock

In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It...

UVI-2021-1001139 mac80211: remove warning in ieee80211_get_sband()

mac80211: remove warning in ieee80211getsband This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13 by commit...

openSUSE Security Update : ntp (openSUSE-2020-934)

This update for ntp fixes the following issues : ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...