314 matches found
SUSE-SU-2026:21894-1 Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues. The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). - CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). - CVE-2026-23274:...
AlmaLinux 8 : kernel-rt (ALSA-2026:21745)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981) kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183)...
CVE-2026-43452
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: guard option walkers against 1-byte tail reads. When the last byte of options is a non-single-byte option kind, walkers that advance with `i += op[i + 1] ? : 1` can read `op[i + 1]` past the end of the option area. Add...
UBUNTU-CVE-2026-43452
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: guard option walkers against 1-byte tail reads. When the last byte of options is a non-single-byte option kind, walkers that advance with `i += op[i + 1] ? : 1` can read `op[i + 1]` past the end of the option area. Add...
CVE-2026-43190 netfilter: xt_tcpmss: check remaining length before reading optlen
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_tcpmss: check remaining length before reading optlen. Quoting reporter: In net/netfilter/xt_tcpmss.c (lines 53-68), the TCP option parser reads `op[i+1]` directly without validating the remaining option length. If the last...
WordPress XT Quick View for WooCommerce plugin <= 2.1.5 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin XT Quick View for WooCommerce (versions <= 2.1.5)...
netfilter: xt_multiport: validate range encoding in checkentry
...
CVE-2026-31681
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_multiport: validate range encoding in checkentry. ports_match_v1() treats any non-zero pflags entry as the start of a port range and unconditionally consumes the next ports element as the range end. The checkentry path...
CVE-2026-31424
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the x_tables and arptables components. This vulnerability arises when xt_match and xt_target extensions, registered for unspecified protocol families, are incorrectly processed by the Address Resolution Protocol (ARP)...
UBUNTU-CVE-2026-31424
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP. Weiming Shi says: xt_match and xt_target structs registered with NFPROTO_UNSPEC can be loaded by any protocol family through nft_compat. When such a...
CVE-2026-23391 netfilter: xt_CT: drop pending enqueued packets on template removal
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal. Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...
CVE-2026-23274 netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels. IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xt_IDLETIMER module allowing rev0 rules to reuse ALARM type timer labels. This could lead to a...
CVE-2025-14027 Rockwell Automation Recommends Upgrading From 1756-RM2 XT To 1756-RM3 XT
Multiple denial-of-service vulnerabilities exist in the affected product. These issues can be triggered through various crafted inputs, including malformed Class 3 messages, memory leak conditions, and other resource exhaustion scenarios. Exploitation may cause the device to become unresponsive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003302 advisory. net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows loca...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003419)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003419 advisory. net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows loca...
CVE-2023-49125
A vulnerability has been identified in Parasolid V35.0 All versions V35.0.263, Parasolid V35.1 All versions V35.1.252, Parasolid V36.0 All versions V36.0.198, Solid Edge SE2023 All versions V223.0 Update 11, Solid Edge SE2024 All versions V224.0 Update 3. The affected applications contain an out ...
CVE-2022-50719 ALSA: line6: fix stack overflow in line6_midi_transmit
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit. Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device...
CVE-2025-10882 X_T File Parsing Out-of-Bounds Write Vulnerability
A maliciously crafted X_T file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
RHEL 6 : kernel (RHSA-2025:17733)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:17733 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out-of-bounds write in...