Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
202
security advisorymoderateremote accessopenSUSE Tumbleweed postgresql14 Moderate Security Issues 2026-10806-1
An update that solves 8 vulnerabilities can now be installed.. # postgresql14-14.23-1.1 on GA media Announcement ID: openSUSE-SU-2026:10806-1 Rating: moderate Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6637 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves 8 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the postgresql14-14.23-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * postgresql14 14.23-1.1 * postgresql14-contrib 14.23-1.1 * postgresql14-devel 14.23-1.1 * postgresql14-docs 14.23-1.1 * postgresql14-llvmjit 14.23-1.1 * postgresql14-llvmjit-devel 14.23-1.1 * postgresql14-plperl 14.23-1.1 * postgresql14-plpython 14.23-1.1 * postgresql14-pltcl 14.23-1.1 * postgresql14-server 14.23-1.1 * postgresql14-server-devel 14.23-1.1 * postgresql14-test 14.23-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html *https://www.suse.com/security/cve/CVE-2026-6479.html * https://www.suse.com/security/cve/CVE-2026-6637.html . Update for openSUSE addresses eight vulnerabilities in postgresql14, ensuring system integrity and security enhancements.. openSUSE Tumbleweed, PostgreSQL 14, Unix vulnerabilities, database security. . LinuxSecurity.com Team
May 19, 2026
OpenSUSE
217
security advisoryimportantkernelKey Security Patch Released for Oracle Linux 9 Kernel - ELSA-2026-50160
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50160 http://linux.oracle.com/errata/ELSA-2026-50160.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-core-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-200.74.27.el9uek.noarch.rpm kernel-uek-modules-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-200.74.27.el9uek.x86_64.rpm kernel-uek-tools-6.12.0-200.74.27.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek-tools-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-devel-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-200.74.27.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-200.74.27.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-200.74.27.el9uek.src.rpm RelatedCVEs: CVE-2026-23100 CVE-2026-23237 CVE-2025-71238 CVE-2025-71234 CVE-2026-23223 CVE-2025-71232 CVE-2025-71235 CVE-2025-71236 CVE-2025-71229 CVE-2026-23229 CVE-2025-71231 CVE-2026-23230 CVE-2026-23202 CVE-2026-23190 CVE-2026-23200 CVE-2026-23111 CVE-2026-23188 CVE-2026-23209 CVE-2026-23204 CVE-2026-23205 CVE-2026-23214 CVE-2026-23216 CVE-2026-23193 CVE-2026-23179 CVE-2026-23213 CVE-2026-23178 CVE-2025-71225 CVE-2025-71222 CVE-2025-71224 CVE-2026-23199 CVE-2026-23177 CVE-2026-23201 CVE-2026-23189 CVE-2026-23219 CVE-2026-23191 CVE-2026-23215 CVE-2026-23112 CVE-2026-23159 CVE-2024-58096 CVE-2026-23163 CVE-2026-23154 CVE-2026-23161 CVE-2026-23168 CVE-2026-23148 CVE-2026-23156 CVE-2026-23173 CVE-2026-23166 CVE-2026-23164 CVE-2026-23212 CVE-2026-23151 CVE-2026-23146 CVE-2024-58097 CVE-2025-68358 CVE-2025-68333 CVE-2025-68351 CVE-2025-68725 CVE-2026-23097 CVE-2026-23108 CVE-2026-23061 CVE-2026-23058 CVE-2026-23085 CVE-2026-23091 CVE-2026-23088 CVE-2026-23128 CVE-2026-23107 CVE-2026-23073 CVE-2026-23133 CVE-2026-23089 CVE-2026-23078 CVE-2026-23076 CVE-2026-23101 CVE-2026-23129 CVE-2026-23086 CVE-2026-23069 CVE-2026-23119 CVE-2026-23084 CVE-2026-23124 CVE-2026-23126 CVE-2026-23059 CVE-2026-23110 CVE-2026-23071 CVE-2026-23123 CVE-2026-23113 CVE-2026-23062 CVE-2026-23131 CVE-2026-23087 CVE-2025-71197 CVE-2026-23060 CVE-2026-23105 CVE-2026-23074 CVE-2026-23103 CVE-2026-23120 CVE-2026-23095 CVE-2026-23125 CVE-2026-23082 CVE-2026-23072 CVE-2026-23099 CVE-2026-23057 CVE-2025-68737 CVE-2025-21882 CVE-2025-21717 CVE-2025-39832 CVE-2025-38431 CVE-2026-23083 CVE-2026-23198 CVE-2026-23155 Description of changes: [6.12.0-200.74.27] - Revert "uek-rpm: update kABI for FIPS regarding crypto_user" (Saeed Mirzamohammadi) [Orabug: 39033195] - Revert "fips: remove crypto_user from the FIPS module" (Saeed Mirzamohammadi) [Orabug: 39033195] - Revert "crypto_user: use FIPS algorithm list when FIPS module is enabled" (Saeed Mirzamohammadi) [Orabug: 39033195] - RDMA/ionic: Preserve and set Ethernet source MAC after ib_ud_header_init()(Abhijit Gangurde) [Orabug: 39006240] - uek-rpm: enable ionic rdma module build in UEK (Qing Huang) [Orabug: 38331822] - RDMA/ionic: Fix memory leak of admin q_wr (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Use ether_addr_copy instead of memcpy (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Fix build failure on SPARC due to xchg() operand size (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Add Makefile/Kconfig to kernel build environment (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Implement device stats ops (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Register device ops for miscellaneous functionality (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Register device ops for datapath (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Register device ops for control path (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Create device queues to support admin operations (Abhijit Gangurde) [Orabug: 38331822] - RDMA/ionic: Register auxiliary module for ionic ethernet adapter (Abhijit Gangurde) [Orabug: 38331822] - RDMA: Add IONIC to rdma_driver_id definition (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Provide doorbell and CMB region information (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Provide interrupt allocation support for the RDMA driver (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Provide RDMA reset support for the RDMA driver (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Export the APIs from net driver to support device commands (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Update LIF identity with additional RDMA capabilities (Abhijit Gangurde) [Orabug: 38331822] - net: ionic: Create an auxiliary device for rdma driver (Abhijit Gangurde) [Orabug: 38331822] [6.12.0-200.74.26] - pds_core: init viftype default in declaration (Shannon Nelson) [Orabug: 38467343] - pds_core: smaller adminq poll starting interval (Shannon Nelson) [Orabug: 38467343] - pds_core: Allocate pdsc_viftype_defaults copy with ARRAY_SIZE() (KeesCook) [Orabug: 38467343] - pds_fwctl: Fix type and endian complaints (Shannon Nelson) [Orabug: 38467343] - x86/kexec: add a sanity check on previous kernel's ima kexec buffer (Harshit Mogalapalli) [Orabug: 38608974] - of/kexec: refactor ima_get_kexec_buffer() to use ima_validate_range() (Harshit Mogalapalli) [Orabug: 38608974] - ima: verify the previous kernel's IMA buffer lies in addressable RAM (Harshit Mogalapalli) [Orabug: 38608974] - rds: Add state field to RDS trace logs. (Rohit Nair) [Orabug: 38870356] - uek-rpm: set default kfence sampling interval to 0 (Imran Khan) [Orabug: 38913539] - Revert "NFS: Avoid changing nlink when file removes and attribute updates race" (Samasth Norway Ananda) [Orabug: 38925844] - crypto_user: use FIPS algorithm list when FIPS module is enabled (Saeed Mirzamohammadi) [Orabug: 38934207] - uek-rpm: update kABI for FIPS regarding crypto_user (Saeed Mirzamohammadi) [Orabug: 38934207] - fips: remove crypto_user from the FIPS module (Saeed Mirzamohammadi) [Orabug: 38934207] - alloc_tag: prevent enabling memory profiling if it was shut down (Suren Baghdasaryan) [Orabug: 38945943] - alloc_tag: avoid current-> alloc_tag manipulations when profiling is disabled (Suren Baghdasaryan) [Orabug: 38945943] - mm/codetag: fix arg in pgalloc_tag_copy alloc_tag_sub (Sourav Panda) [Orabug: 38945943] - uek-rpm: fips: fixed specs to explicitly call python3 as set as a requirement (Mark Nicholson) [Orabug: 38949665] - selftests/mm: skip pkey_sighandler_tests if support is missing (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: rename pkey register macro (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: use sys_pkey helpers consistently (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: ensure non-global pkey symbols are marked static (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: remove empty pkey helper definition (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: ensure pkey-*.h define inline functions only (Harshit Mogalapalli) [Orabug: 38969139] -selftests/mm: define types using typedef in pkey-helpers.h (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: remove unused pkey helpers (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: fix -Warray-bounds warnings in pkey_sighandler_tests (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: Define PKEY_UNRESTRICTED for pkey_sighandler_tests (Harshit Mogalapalli) [Orabug: 38969139] - selftests/mm: Use generic pkey register manipulation (Harshit Mogalapalli) [Orabug: 38969139] - ionic: Rate limit unknown xcvr type messages (Eric Joyner) [Orabug: 38977643] - Octeontx2-af: Add proper checks for fwdata (Hariprasad Kelam) [Orabug: 38988497] - genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask (Imran Khan) [Orabug: 39001909] - LTS version: v6.12.74 (Jack Vogel) - USB: serial: option: add Telit FN920C04 RNDIS compositions (Fabio Porcedda) - f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes (Yongpeng Yang) - f2fs: fix to avoid UAF in f2fs_write_end_io() (Chao Yu) - iommu/arm-smmu-qcom: do not register driver in probe() (Danilo Krummrich) - f2fs: fix to avoid mapping wrong physical block for swapfile (Chao Yu) - f2fs: fix out-of-bounds access in sysfs attribute read/write (Yongpeng Yang) - f2fs: fix to check sysfs filename w/ gc_pin_file_thresh correctly (Chao Yu) - f2fs: fix to add gc count stat in f2fs_gc_range (Zhiguo Niu) - fbdev: smscufx: properly copy ioctl memory to kernelspace (Greg Kroah-Hartman) - fbdev: rivafb: fix divide error in nv3_arb() (Guangshuo Li) - cpuset: Fix missing adaptation for cpuset_is_populated (Chen Ridong) - Revert "wireguard: device: enable threaded NAPI" (Daniel Borkmann) - LoongArch: Rework KASAN initialization for PTW-enabled systems (Tiezhu Yang) - mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (David Hildenbrand) - mm/hugetlb: fix two comments related to huge_pmd_unshare() (David Hildenbrand) - mm/hugetlb: fix hugetlb_pmd_shared() (David Hildenbrand)[Orabug: 38931087] {CVE-2026-23100} - mm/hugetlb: fix copy_hugetlb_page_range() to use -> pt_share_count (Jane Chu) - gpiolib: acpi: Fix gpio count with string references (Alban Bedel) - ASoC: fsl_xcvr: fix missing lock in fsl_xcvr_mode_put() (Ziyi Guo) - drm/amd/display: remove assert around dpp_base replacement (Melissa Wen) - drm/amd/display: extend delta clamping logic to CM3 LUT helper (Melissa Wen) - tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow (Deepanshu Kartikey) - ASoC: cs42l43: Correct handling of 3-pole jack load detection (Charles Keepax) - platform/x86: panasonic-laptop: Fix sysfs group leak in error path (Rafael J. Wysocki) - platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (Gongqi) - ALSA: hda/realtek: Enable headset mic for Acer Nitro 5 (Breno Baptista) - ASoC: amd: yc: Add quirk for HP 200 G2a 16 (Dirk Su) - ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (Tagir Garaev) - platform/x86: classmate-laptop: Add missing NULL pointer checks (Rafael J. Wysocki) [Orabug: 39044501] {CVE-2026-23237} - drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (Brahmajit Das) - romfs: check sb_set_blocksize() return value (Deepanshu Kartikey) - ALSA: hda/realtek - fixed speaker no sound (Kailang Yang) - ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (Ricardo Rivera-Matos) - ALSA: hda/realtek: Add quirk for Inspur S14-G1 (Zhang Heng) - gpio: sprd: Change sprd_gpio lock to raw_spin_lock (Xuewen Yan) - ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (Anatolii Shirykalov) - ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (Tim Guttzeit) - bus: fsl-mc: fix use-after-free in driver_override_show() (Gui-Dong Han) - bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (Chelsy Ratnawat) - bnxt_en: hide CONFIG_DETECT_HUNG_TASK specific code (Arnd Bergmann) - bnxt_en: Change FW message timeout warning (Michael Chan) - scsi: qla2xxx: Fix bsg_done() causing double free (Anil Gurumurthy) [Orabug: 39044457]{CVE-2025-71238} - LTS version: v6.12.73 (Jack Vogel) - Revert "driver core: enforce device_lock for driver_match_device()" (Greg Kroah-Hartman) - LTS version: v6.12.72 (Jack Vogel) - gpio: omap: do not register driver in probe() (Danilo Krummrich) - wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (Ali Tariq) [Orabug: 38997990] {CVE-2025-71234} - PCI: endpoint: Avoid creating sub-groups asynchronously (Liu Song) - xfs: fix UAF in xchk_btree_check_block_owner (Darrick J. Wong) [Orabug: 38998028] {CVE-2026-23223} - erofs: fix UAF issue for file-backed mounts w/ directio option (Chao Yu) - mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (Eric Dumazet) - bus: mhi: host: pci_generic: Add Telit FE990B40 modem support (Daniele Palmas) - scsi: qla2xxx: Query FW again before proceeding with login (Anil Gurumurthy) - scsi: qla2xxx: Free sp in error path to fix system crash (Anil Gurumurthy) [Orabug: 38997979] {CVE-2025-71232} - scsi: qla2xxx: Delay module unload while fabric scan in progress (Anil Gurumurthy) [Orabug: 38997992] {CVE-2025-71235} - scsi: qla2xxx: Allow recovery for tape devices (Shreyas Deodhar) - scsi: qla2xxx: Validate sp before freeing associated memory (Anil Gurumurthy) [Orabug: 38997998] {CVE-2025-71236} - wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (Bitterblue Smith) [Orabug: 38997972] {CVE-2025-71229} - nilfs2: Fix potential block overflow that cause system hang (Edward Adam Davis) - crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (Bibo Mao) - crypto: virtio - Add spinlock protection with virtqueue notification (Bibo Mao) [Orabug: 38998052] {CVE-2026-23229} - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (Kees Cook) - crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (Thorsten Blum) - crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (Thorsten Blum) [Orabug: 38997976] {CVE-2025-71231} - Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (Zenm Chen) -driver core: enforce device_lock for driver_match_device() (Gui-Dong Han) - smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() (Henrique Carvalho) - ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths (Namjae Jeon) - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (Henrique Carvalho) [Orabug: 38998059] {CVE-2026-23230} - LTS version: v6.12.71 (Jack Vogel) - vsock/test: verify socket options after setting them (Konstantin Shkolnyy) - io_uring/rw: recycle buffers manually for non-mshot reads (Jens Axboe) - LTS version: v6.12.70 (Jack Vogel) - gpiolib-acpi: Update file references in the Documentation and MAINTAINERS (Andy Shevchenko) - ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU. (Werner Sembach) - spi: tegra114: Preserve SPI mode bits in def_command1_reg (Vishwaroop A) - spi: tegra: Fix a memory leak in tegra_slink_probe() (Felix Gu) - spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (Breno Leitao) - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (Breno Leitao) [Orabug: 38970593] {CVE-2026-23202} - spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (Breno Leitao) - spi: tegra210-quad: Move curr_xfer read inside spinlock (Breno Leitao) - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (Breno Leitao) - ASoC: amd: fix memory leak in acp3x pdm dma ops (Chris Bainbridge) [Orabug: 38970441] {CVE-2026-23190} - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (Sergey Shtylyov) - ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF (Shigeru Yoshida) [Orabug: 38970598] {CVE-2026-23200} - netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (Andrew Fasano) [Orabug: 38970170] {CVE-2026-23111} - hwmon: (occ) Mark occ_init_attribute() as __printf (Arnd Bergmann) - drm/xe/pm: Disable D3Cold for BMG only on specific platforms (Karthik Poosa) - drm/xe/pm: Also avoid missingouter rpm warning on system suspend (Rodrigo Vivi) - drm/xe/query: Fix topology query pointer advance (Shuicheng Lin) - drm/mgag200: fix mgag200_bmc_stop_scanout() (Jacob Keller) - net: gro: fix outer network offset (Paolo Abeni) - net: ethernet: adi: adin1110: Check return value of devm_gpiod_get_optional() in adin1110_check_spi() (Chen Ni) - drm/amd/display: fix wrong color value mapping on MCM shaper LUT (Melissa Wen) - tipc: use kfree_sensitive() for session key material (Daniel Hodges) - net: don't touch dev-> stats in BPF redirect paths (Jakub Kicinski) - net: usb: r8152: fix resume reset deadlock (Sergey Senozhatsky) [Orabug: 38970438] {CVE-2026-23188} - macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970508] {CVE-2026-23209} - net: sfp: Fix quirk for Ubiquiti U-Fiber Instant SFP module (Marek Behún) - net: sfp: convert sfp quirks to modify struct sfp_module_support (Russell King) - net: sfp: pre-parse the module support (Russell King) - net: phy: add phy_interface_copy() (Russell King) - net: phy: add phy_interface_weight() (Russell King) - dpaa2-switch: add bounds check for if_id in IRQ handler (Junrui Luo) - net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup (Zilin Guan) - net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup (Zilin Guan) - net: liquidio: Initialize netdev pointer before queue setup (Zilin Guan) - dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs is zero (Junrui Luo) - net/sched: cls_u32: use skb_header_pointer_careful() (Eric Dumazet) [Orabug: 38970487] {CVE-2026-23204} - net: add skb_header_pointer_careful() helper (Eric Dumazet) - smb/client: fix memory leak in smb2_open_file() (Chenxiaosong) [Orabug: 38970578] {CVE-2026-23205} - platform/x86/intel/tpmi/plr: Make the file domain /status writeable (Ricardo Neri) - platform/x86: hp-bioscfg: Skip empty attribute names (Mario Limonciello) - platform/x86: intel_telemetry: Fix PSS event register mask (Kaushlendra Kumar) - platform/x86: toshiba_haps: Fixmemory leaks in add/remove routines (Rafael J. Wysocki) - ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio (Martin Hamilton) - btrfs: reject new transactions if the fs is fully read-only (Qu Wenruo) [Orabug: 38985156] {CVE-2026-23214} - wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice (Miri Korenblit) - wifi: mac80211: correctly check if CSA is active (Miri Korenblit) - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985169] {CVE-2026-23216} - ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (Tim Guttzeit) - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970453] {CVE-2026-23193} - wifi: cfg80211: Fix bitrate calculation overflow for HE rates (Veerendranath Jakkam) - regmap: maple: free entry on mas_store_gfp() failure (Kaushlendra Kumar) - spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs initialization (Devyn Liu) - ASoC: tlv320adcx140: Propagate error codes during probe (Dimitrios Katsaros) - ASoC: amd: yc: Fix microphone on ASUS M6500RE (Radhi Bajahaw) - nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (Hannes Reinecke) [Orabug: 38970416] {CVE-2026-23179} - nvme-fc: release admin tagset if init fails (Chaitanya Kulkarni) - ASoC: simple-card-utils: Check device node before overwrite direction (Shengjiu Wang) - ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (Kery Qi) - wifi: mac80211: collect station statistics earlier when disconnect (Baochen Qiang) - HID: logitech: add HID++ support for Logitech MX Anywhere 3S (Dennis Marttinen) - ring-buffer: Avoid softlockup in ring_buffer_resize() during memory free (Ma Wupeng) - drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (Perry Yuan) [Orabug: 38985149] {CVE-2026-23213} - HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (Rodrigo Lugathe Da Conceição Alves) - HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (Kwok Kin Ming)[Orabug: 38970413] {CVE-2026-23178} - HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (Chris Chiu) - netfilter: replace -EEXIST with -EBUSY (Daniel Gomez) - PCI: qcom: Remove ASPM L0s support for MSM8996 SoC (Manivannan Sadhasivam) - ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (Ruslan Krupitsa) - ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55 (Matouš Lánský) - HID: playstation: Center initial joystick axes to prevent spurious events (Siarhei Vishniakou) - HID: intel-ish-hid: Reset enum_devices_done before enumeration (Zhang Lixu) - riscv: Sanitize syscall table indexing under speculation (Lukas Gerlach) - btrfs: fix reservation leak in some error paths when inserting inline extent (Filipe Manana) - HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (Daytoncl) - HID: intel-ish-hid: Update ishtp bus match to support device ID table (Zhang Lixu) - smb/server: fix refcount leak in parse_durable_handle_context() (Zhangguodong) - LoongArch: Enable exception fixup for specific ADE subcode (Duan Chenghao) - smb/server: fix refcount leak in smb2_open() (Zhangguodong) - md: suspend array while updating raid_disks via sysfs (Danny Shih) [Orabug: 38985108] {CVE-2025-71225} - LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED (Huacai Chen) - smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() (Zhangguodong) - block,bfq: fix aux stat accumulation destination (Shechenglong) - net: usb: sr9700: support devices with virtual driver CD (Ethan Nelson-Moore) - wifi: wlcore: ensure skb headroom before skb_push (Peter Astrand) [Orabug: 38970152] {CVE-2025-71222} - wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (Moon Hee Lee) [Orabug: 38970163] {CVE-2025-71224} - tracing: Fix ftrace event field alignments (Steven Rostedt) - procfs: avoid fetching build ID while holding VMA lock (Andrii Nakryiko) [Orabug: 38970476] {CVE-2026-23199} - KVM: selftests: Add -U_FORTIFY_SOURCE to avoid some unpredictable test failures (Zhiquan Li) -binderfs: fix ida_alloc_max() upper bound (Carlos Llamas) - binder: fix BR_FROZEN_REPLY error log (Carlos Llamas) - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (Kang Chen) - ublk: fix deadlock when reading partition table (Ming Lei) - tools/power turbostat: fix GCC9 build regression (Todd Brandt) - PCI/ERR: Ensure error recoverability at all times (Lukas Wunner) - KVM: Don't clobber irqfd routing type when deassigning irqfd (Sean Christopherson) - Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" (Bert Karwatzki) - mm, shmem: prevent infinite loop on truncate race (Kairui Song) [Orabug: 38970409] {CVE-2026-23177} - gve: Correct ethtool rx_dropped calculation (Max Yuan) - gve: Fix stats report corruption on queue count change (Debarghya Kundu) - ceph: fix oops due to invalid pointer for kfree() in parse_longname() (Daniel Vogelbacher) [Orabug: 38970590] {CVE-2026-23201} - ARM: 9468/1: fix memset64() on big-endian (Thomas Weißschuh) - rbd: check for EOD after exclusive lock is ensured to be held (Ilya Dryomov) - ceph: fix NULL pointer dereference in ceph_mds_auth_match() (Viacheslav Dubeyko) [Orabug: 38970595] {CVE-2026-23189} - mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single (Hao Ge) [Orabug: 38985192] {CVE-2026-23219} - pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc-> domains (Xu Yang) - pmdomain: imx8mp-blk-ctrl: Keep usb phy power domain on for system wakeup (Xu Yang) - pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset (Jacky Bai) - pmdomain: imx8mp-blk-ctrl: Keep gpc power domain on for system wakeup (Xu Yang) - pmdomain: qcom: rpmpd: fix off-by-one error in clamping to the highest state (Gabor Juhos) - ALSA: aloop: Fix racy access at PCM trigger (Takashi Iwai) [Orabug: 38970445] {CVE-2026-23191} - platform/x86: intel_telemetry: Fix swapped arrays in PSS output (Kaushlendra Kumar) - x86/kfence: fix booting on 32bit non-PAE systems (Andrew Cooper) - x86/vmware: Fix hypercall clobbers (Josh Poimboeuf) [Orabug: 38985163]{CVE-2026-23215} - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (Yunje Shin) [Orabug: 38970176] {CVE-2026-23112} - LTS version: v6.12.69 (Jack Vogel) - bpf/selftests: test_select_reuseport_kern: Remove unused header (Alexis Lothoré) - RDMA/mana_ib: Handle net event for pointing to the current netdev (Long Li) - net: mana: Change the function signature of mana_get_primary_netdev_rcu (Long Li) - pinctrl: lpass-lpi: implement .get_direction() for the GPIO driver (Bartosz Golaszewski) - drm/amdgpu/gfx11: adjust KGQ reset sequence (Alex Deucher) - writeback: fix 100% CPU usage when dirtytime_expire_interval is 0 (Laveesh Bansal) - perf: sched: Fix perf crash with new is_user_task() helper (Steven Rostedt) [Orabug: 38970581] {CVE-2026-23159} - perf: Simplify get_perf_callchain() user logic (Josh Poimboeuf) - mptcp: avoid dup SUB_CLOSED events after disconnect (Matthieu Baerts) - pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR TX pins (Krzysztof Kozlowski) - net/sched: act_ife: convert comma to semicolon (Chen Ni) - btrfs: prevent use-after-free on folio private data in btrfs_subpage_clear_uptodate() (Jp Kobryn) - Revert "drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)" (John Ogness) - wifi: ath11k: add srng-> lock for ath11k_hal_srng_* in monitor mode (Kang Yang) [Orabug: 37844126] {CVE-2024-58096} - mm/kfence: randomize the freelist on initialization (Pimyn Girgis) - libbpf: Fix -Wdiscarded-qualifiers under C23 (Mikhail Gavrilov) - ksmbd: smbd: fix dma_unmap_sg() nents (Thomas Fourier) - rxrpc: Fix data-race warning and potential load/store tearing (David Howells) - cgroup: Fix kernfs_node UAF in css_free_rwork_fn (T.J. Mercier) - rust: kbuild: support -Cjump-tables=n for Rust 1.93.0 (Miguel Ojeda) - gpiolib: acpi: Fix potential out-of-boundary left shift (Andy Shevchenko) - drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (Alex Deucher) - drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (Jon Doron) [Orabug: 38970348]{CVE-2026-23163} - drm/amdgpu/gfx12: fix wptr reset in KGQ init (Alex Deucher) - drm/amdgpu/gfx11: fix wptr reset in KGQ init (Alex Deucher) - drm/amdgpu/gfx10: fix wptr reset in KGQ init (Alex Deucher) - drm/amdgpu/soc21: fix xclk for APUs (Alex Deucher) - drm/imx/tve: fix probe device leak (Johan Hovold) - drm/msm/a6xx: fix bogus hwcg register updates (Johan Hovold) - scripts: generate_rust_analyzer: Add compiler_builtins -> core dep (Tamir Duberstein) - scripts: generate_rust_analyzer: compile sysroot with correct edition (Tamir Duberstein) - scripts: generate_rust_analyzer: remove sysroot assertion (Onur Özkan) - net: fix segmentation of forwarding fraglist GRO (Jibin Zhang) [Orabug: 38970318] {CVE-2026-23154} - mm/shmem, swap: fix race of truncate and swap entry split (Kairui Song) [Orabug: 38970345] {CVE-2026-23161} - flex_proportions: make fprop_new_period() hardirq safe (Jan Kara) [Orabug: 38970373] {CVE-2026-23168} - selftests: mptcp: join: fix local endp not being tracked (Matthieu Baerts) - selftests: mptcp: check subflow errors in close events (Matthieu Baerts) - selftests: mptcp: check no dup close events after error (Matthieu Baerts) - mptcp: only reset subflow errors when propagated (Matthieu Baerts) - gpio: rockchip: Stop calling pinctrl for set_direction (Robin Murphy) - nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference (Ming Lei) [Orabug: 38970608] {CVE-2026-23148} - efivarfs: fix error propagation in efivar_entry_get() (Kohei Enju) [Orabug: 38970325] {CVE-2026-23156} - scsi: qla2xxx: edif: Fix dma_free_coherent() size (Thomas Fourier) - gpio: pca953x: mask interrupts in irq shutdown (Martin Larsson) - ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (Zhang Heng) - scsi: be2iscsi: Fix a memory leak in beiscsi_boot_get_sinfo() (Haoxiang Li) - ASoC: fsl: imx-card: Do not force slot width to sample width (Fabio Estevam) - rust: kbuild: give --config-path to rustfmt in .rsi target (Miguel Ojeda) - rust: rbtree: fix documentation typo in CursorMut peek_next method(Hang Shu) - riscv: compat: fix COMPAT_UTS_MACHINE definition (Han Gao) - pinctrl: meson: mark the GPIO controller as sleeping (Bartosz Golaszewski) - sched/deadline: Fix 'stuck' dl_server (Peter Zijlstra) - sched/deadline: Document dl_server (Peter Zijlstra) - dma/pool: distinguish between missing and exhausted atomic pools (Sai Sree Kartheek Adivi) - bcache: fix I/O accounting leak in detached_dev_do_request (Shida Zhang) - bcache: use bio cloning for detached device requests (Shida Zhang) - bcache: fix improper use of bi_end_io (Shida Zhang) - gpio: virtuser: fix UAF in configfs release path (Yuhao Huang) - gpiolib: acpi: use BIT_ULL() for u64 mask in address space handler (Denis Sergeev) - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (Tagir Garaev) - scsi: firewire: sbp-target: Fix overflow in sbp_make_tpg() (Kery Qi) - net/mlx5e: Skip ESN replay window setup for IPsec crypto offload (Jianbo Liu) - net/mlx5: Fix vhca_id access call trace use before alloc (Parav Pandit) - net/mlx5: Initialize events outside devlink lock (Cosmin Ratiu) - net/mlx5: fs, Fix inverted cap check in tx flow table root disconnect (Shay Drory) - net: phy: micrel: fix clk warning when removing the driver (Wei Fang) - net: bridge: fix static key check (Martin Kaiser) - nfc: nci: Fix race between rfkill and nci_unregister_device(). (Kuniyuki Iwashima) - net/mlx5e: TC, delete flows only for existing peers (Mark Bloch) [Orabug: 38970397] {CVE-2026-23173} - ice: stop counting UDP csum mismatch as rx_errors (Jesse Brandeburg) - ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (Aaron Ma) [Orabug: 38970364] {CVE-2026-23166} - nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). (Kuniyuki Iwashima) - rocker: fix memory leak in rocker_world_port_post_fini() (Kery Qi) [Orabug: 38970351] {CVE-2026-23164} - net: wwan: t7xx: fix potential skb-> frags overflow in RX path (Kery Qi) - ipv6: use the right ifindex when replying to icmpv6 from localhost (Fernando Fernandez Mancera) - net: mvpp2: cls: Fix memory leak inmvpp2_ethtool_cls_rule_ins() (Zilin Guan) - bonding: annotate data-races around slave-> last_rx (Eric Dumazet) [Orabug: 38985142] {CVE-2026-23212} - octeon_ep: Fix memory leak in octep_device_setup() (Zilin Guan) - net: bcmasp: fix early exit leak with fixed phy (Justin Chen) - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (Marc Kleine-Budde) - net/mlx5: Fix memory leak in esw_acl_ingress_lgcy_setup() (Zilin Guan) - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (Jianpeng Chang) [Orabug: 38970587] {CVE-2026-23151} - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (Jia-Hong Su) [Orabug: 38970604] {CVE-2026-23146} - can: at91_can: Fix memory leak in at91_can_probe() (Zilin Guan) - LTS version: v6.12.68 (Jack Vogel) - vsock/virtio: Fix message iterator handling on transmit path (Will Deacon) - net: Introduce skb_copy_datagram_from_iter_full() (Will Deacon) - vsock/virtio: Allocate nonlinear SKBs for handling large transmit buffers (Will Deacon) - vhost/vsock: Allocate nonlinear SKBs for handling large receive buffers (Will Deacon) - vsock/virtio: Rename virtio_vsock_skb_rx_put() (Will Deacon) - vsock/virtio: Move SKB allocation lower-bound check to callers (Will Deacon) - vsock/virtio: Rename virtio_vsock_alloc_skb() (Will Deacon) - vsock/virtio: Move length check to callers of virtio_vsock_skb_rx_put() (Will Deacon) - wifi: ath11k: fix RCU stall while reaping monitor destination ring (P Praneesh) [Orabug: 37844129] {CVE-2024-58097} - btrfs: fix racy bitfield write in btrfs_clear_space_info_full() (Boris Burkov) [Orabug: 38798802] {CVE-2025-68358} - accel/ivpu: Fix race condition when unbinding BOs (Tomasz Rusinowicz) - fs/ntfs3: Initialize allocated memory before use (Bartlomiej Kubik) - sched_ext: Fix possible deadlock in the deferred_irq_workfn() (Zqiang) [Orabug: 38792605] {CVE-2025-68333} - exfat: fix refcount leak in exfat_find (Shuhao Fu) [Orabug: 38798780] {CVE-2025-68351} - iio: adc: exynos_adc: fix OF populate on driver rebind (Johan Hovold) - iio: core: add separatelockdep class for info_exist_lock (Rasmus Villemoes) - iio: core: Replace lockdep_set_class() + mutex_init() by combined call (Andy Shevchenko) - iio: core: add missing mutex_destroy in iio_dev_release() (Andy Shevchenko) - arm64: dts: rockchip: remove redundant max-link-speed from nanopi-r4s (Geraldo Nascimento) - bpf: Do not let BPF test infra emit invalid GSO types to stack (Daniel Borkmann) [Orabug: 38798881] {CVE-2025-68725} - selftests/bpf: Check for timeout in perf_link test (Ihor Solodrai) - can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) - dmaengine: ti: k3-udma: Enable second resource range for BCDMA and PKTDMA (Siddharth Vadapalli) - migrate: correct lock ordering for hugetlb file folios (Matthew Wilcox) [Orabug: 38931066] {CVE-2026-23097} - gpio: cdev: Correct return code on memory allocation failure (Tzung-Bi Shih) - drm/amdgpu: remove frame cntl for gfx v12 (Likun Gao) - can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) [Orabug: 38931120] {CVE-2026-23108} - can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) - can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) [Orabug: 38930881] {CVE-2026-23061} - can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) [Orabug: 38930859] {CVE-2026-23058} - net: sfp: add potron quirk to the H-COM SPP425H-GAB4 SFP+ Stick (Hamza Mahfooz) - irqchip/gic-v3-its: Avoid truncating memory addresses (Arnd Bergmann) [Orabug: 38931001] {CVE-2026-23085} - perf/x86/intel: Do not enable BTS for guests (Fernand Sieber) - pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (Ming Qian) - platform/x86: hp-bioscfg: Fix automatic module loading (Mario Limonciello) - netrom: fix double-free in nr_route_frame() (Jeongjun Park) - uacce: ensure safe queue release with state management (Chenghai Huang) - uacce: implement mremap in uacce_vm_ops to return -EPERM (Yang Shen) - uacce: fix isolate sysfscheck condition (Chenghai Huang) - uacce: fix cdev handling in the cleanup path (Wenkai Lin) - s390/ap: Fix wrong APQN fill calculation (Harald Freudenberger) - mei: trace: treat reg parameter as string (Alexander Usyskin) - intel_th: fix device leak on output open() (Johan Hovold) [Orabug: 38931040] {CVE-2026-23091} - tracing: Fix crash on synthetic stacktrace field usage (Steven Rostedt) [Orabug: 38931024] {CVE-2026-23088} - slimbus: core: fix device reference leak on report present (Johan Hovold) - slimbus: core: fix runtime PM imbalance on report present (Johan Hovold) - octeontx2: Fix otx2_dma_map_page() error return code (Thomas Fourier) - arm64: Set __nocfi on swsusp_arch_resume() (Zhaoyang Huang) [Orabug: 38970241] {CVE-2026-23128} - arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (Mark Rutland) [Orabug: 38931118] {CVE-2026-23107} - wifi: rsi: Fix memory corruption due to not set vif driver data size (Marek Vasut) [Orabug: 38930939] {CVE-2026-23073} - wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (Dan Carpenter) - wifi: ath12k: fix dma_free_coherent() pointer (Thomas Fourier) - wifi: ath10k: fix dma_free_coherent() pointer (Thomas Fourier) [Orabug: 38970253] {CVE-2026-23133} - drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (Lyude Paul) - mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (Shawn Lin) - mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (Matthew Schwartz) - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (Berk Cem Goksel) [Orabug: 38931029] {CVE-2026-23089} - ALSA: scarlett2: Fix buffer overflow in config retrieval (Samasth Norway Ananda) [Orabug: 38930973] {CVE-2026-23078} - ALSA: ctxfi: Fix potential OOB access in audio mixer handling (Takashi Iwai) [Orabug: 38930966] {CVE-2026-23076} - iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (Andreas Kübrich) - iio: chemical: scd4x: fix reported channel endianness (Fiona Klute) - iio: adc: pac1934: Fix clamped value in pac1934_reg_snapshot (ThorstenBlum) - iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (Pei Xiao) - iio: adc: ad9467: fix ad9434 vref mask (Tomas Melin) - iio: accel: iis328dq: fix gain values (Markus Koeniger) - iio: accel: adxl380: fix handling of unavailable "INT1" interrupt (Francesco Lavra) - of: platform: Use default match table for /firmware (Rob Herring) - of: fix reference count leak in of_alias_scan() (Weigang He) - leds: led-class: Only Add LED to leds_list when it is fully ready (Hans de Goede) [Orabug: 38931091] {CVE-2026-23101} - keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal (Srish Srinivasan) - tpm: Compare HMAC values in constant time (Eric Biggers) - x86: make page fault handling disable interrupts properly (Cedric Xing) - dpll: Prevent duplicate registrations (Ivan Vecera) [Orabug: 38970244] {CVE-2026-23129} - net/sched: act_ife: avoid possible NULL deref (Eric Dumazet) - vsock/virtio: cap TX credit to local buffer size (Melbin K Mathew) [Orabug: 38931008] {CVE-2026-23086} - vsock/test: fix seqpacket message bounds test (Stefano Garzarella) - vsock/virtio: fix potential underflow in virtio_transport_get_credit() (Melbin K Mathew) [Orabug: 38930919] {CVE-2026-23069} - net: openvswitch: fix data race in ovs_vport_get_upcall_stats (David Yang) - octeontx2-af: Fix error handling (Ratheesh Kannoth) - net: dsa: fix off-by-one in maximum bridge ID determination (Vladimir Oltean) - bonding: provide a net pointer to __skb_flow_dissect() (Eric Dumazet) [Orabug: 38970199] {CVE-2026-23119} - selftests: net: amt: wait longer for connection before sending packets (Taehee Yoo) - be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (Andrey Vatoropin) [Orabug: 38930992] {CVE-2026-23084} - drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (Alex Ramírez) - drm/nouveau: add missing DCB connector types (Alex Ramírez) - drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (Timur Kristóf) - drm/amd/pm: Don't clear SI SMC tablewhen setting power limit (Timur Kristóf) - sched/fair: Fix pelt clock sync when entering idle (Vincent Guittot) - clocksource: Reduce watchdog readout delay limit to prevent false positives (Thomas Gleixner) - usbnet: limit max_mtu based on device's hard_mtu (Laurent Vivier) - ipv6: annotate data-race in ndisc_router_discovery() (Eric Dumazet) [Orabug: 38970222] {CVE-2026-23124} - mISDN: annotate data-race around dev-> work (Eric Dumazet) - net: hns3: fix the HCLGE_FD_AD_NXT_KEY error setting issue (Jijie Shao) - net: hns3: fix wrong GENMASK() for HCLGE_FD_AD_COUNTER_NUM_M (Jijie Shao) - be2net: fix data race in be_get_new_eqd (David Yang) - net: hns3: fix data race in hns3_fetch_stats (David Yang) - ice: Fix persistent failure in ice_get_rxfh (Cody Haas) - netdevsim: fix a race issue related to the operation on bpf_bound_progs list (Yun Lu) [Orabug: 38970233] {CVE-2026-23126} - drm/imagination: Wait for FW trace update command completion (Brajesh Gupta) - ALSA: usb: Increase volume range that triggers a warning (Arun Raghavan) - scsi: qla2xxx: Sanitize payload size to prevent member overflow (Jiasheng Jiang) [Orabug: 38930867] {CVE-2026-23059} - scsi: core: Wake up the error handler when final completions race against each other (David Jeffery) [Orabug: 38931132] {CVE-2026-23110} - platform/x86/amd: Fix memory leak in wbrf_record() (Zilin Guan) - riscv: clocksource: Fix stimecmp update hazard on RV32 (Naohiko Shimizu) - kconfig: fix static linking of nconf (Arusekk) - regmap: Fix race condition in hwspinlock irqsave routine (Cheng-Yu Lee) [Orabug: 38930930] {CVE-2026-23071} - spi: spi-sprd-adi: Fix double free in probe error path (Felix Gu) - interconnect: debugfs: initialize src_node and dst_node to empty strings (Georgi Djakov) [Orabug: 38970218] {CVE-2026-23123} - iio: adc: ad7280a: handle spi_setup() errors in probe() (Pavel Zhigulin) - iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (Francesco Lavra) - io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (Jens Axboe)[Orabug: 38970181] {CVE-2026-23113} - mm/rmap: fix two comments related to huge_pmd_unshare() (David Hildenbrand) - platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (Mario Limonciello) [Orabug: 38930890] {CVE-2026-23062} - platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (Mario Limonciello) [Orabug: 38970247] {CVE-2026-23131} - comedi: Fix getting range information for subdevices 16 to 255 (Ian Abbott) - x86/kfence: avoid writing L1TF-vulnerable PTEs (Andrew Cooper) - arm64: dts: rockchip: Fix voltage threshold for volume keys for Pinephone Pro (Ondrej Jirman) - arm64: dts: rockchip: remove dangerous max-link-speed from helios64 (Geraldo Nascimento) - scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() (Abdun Nihaal) [Orabug: 38931014] {CVE-2026-23087} - scsi: storvsc: Process unsupported MODE_SENSE_10 (Long Li) - Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (Feng) - Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (Gongqi) - Revert "nfc/nci: Add the inconsistency check between the input data length and count" (Thadeu Lima de Souza Cascardo) - w1: fix redundant counter decrement in w1_attach_slave_device() (Haoxiang Li) - w1: therm: Fix off-by-one buffer overflow in alarms_store (Thorsten Blum) [Orabug: 38930796] {CVE-2025-71197} - comedi: dmm32at: serialize use of paged registers (Ian Abbott) - serial: 8250_pci: Fix broken RS485 for F81504/508/512 (Marnix Rijnart) - wifi: mac80211: don't perform DA check on S1G beacon (Lachlan Hodges) - crypto: authencesn - reject too-short AAD (assoclen
Mar 24, 2026
•Important
Oracle
100
security advisoryupdateimportantSUSE Linux Micro 6.0: Kernel Livepatch Important Update 2025:20878-1
* bsc#1246075 * bsc#1247158 * bsc#1247452 * bsc#1248376 * bsc#1248673 . # Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 Announcement ID: SUSE-SU-2025:20878-1 Release Date: 2025-10-24T10:10:54Z Rating: important References: * bsc#1246075 * bsc#1247158 * bsc#1247452 * bsc#1248376 * bsc#1248673 * bsc#1248749 * bsc#1249458 * bsc#1249534 Cross-References: * CVE-2025-38110 * CVE-2025-38206 * CVE-2025-38396 * CVE-2025-38471 * CVE-2025-38499 * CVE-2025-38566 * CVE-2025-38644 * CVE-2025-38678 CVSS scores: * CVE-2025-38110 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38499 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H * CVE-2025-38499 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H * CVE-2025-38566 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38644 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38644 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38678 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves eight vulnerabilities can now be installed. ##Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues: * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075) * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158) * CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452) * CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376) * CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673) * CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749) * CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458) * CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-168=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-33-rt-6-1.2 * kernel-livepatch-6_4_0-33-rt-debuginfo-6-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_9-debugsource-6-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38499.html * https://www.suse.com/security/cve/CVE-2025-38566.html * https://www.suse.com/security/cve/CVE-2025-38644.html * https://www.suse.com/security/cve/CVE-2025-38678.html * https://bugzilla.suse.com/show_bug.cgi?id=1246075 * https://bugzilla.suse.com/show_bug.cgi?id=1247158 * https://bugzilla.suse.com/show_bug.cgi?id=1247452 *https://bugzilla.suse.com/show_bug.cgi?id=1248376 * https://bugzilla.suse.com/show_bug.cgi?id=1248673 * https://bugzilla.suse.com/show_bug.cgi?id=1248749 * https://bugzilla.suse.com/show_bug.cgi?id=1249458 * https://bugzilla.suse.com/show_bug.cgi?id=1249534 . A critical update for SUSE Linux Micro 6.0 addressing important system vulnerabilities to enhance security.. kernel-livepatch,SUSE Linux Micro,security update,system vulnerabilities,patching. . Severity: Important. LinuxSecurity.com Team
Oct 27, 2025
•Important
SuSE
89
security advisoryfedoracriticalFedora 35 Kernel Update 5.17.12 Critical: Null Pointer Issue
The 5.17.12 stable kernel update contains a number of important fixes across the tree.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-3b86247c11 2022-06-05 01:26:55.202323 --------------------------------------------------------------------------------Name : kernel Product : Fedora 35 Version : 5.17.12 Release : 200.fc35 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package --------------------------------------------------------------------------------Update Information: The 5.17.12 stable kernel update contains a number of important fixes across the tree. --------------------------------------------------------------------------------ChangeLog: * Mon May 30 2022 Justin M. Forbes [5.17.12-0] - Revert "crypto: rng - Override drivers/char/random in FIPS mode" (Justin M. Forbes) - Revert "random: Add hook to override device reads and getrandom(2)" (Justin M. Forbes) --------------------------------------------------------------------------------References: [ 1 ] Bug #2090723 - CVE-2022-1789 kernel: x86/kvm: NULL pointer dereference in kvm_mmu_invpcid_gva https://bugzilla.redhat.com/show_bug.cgi?id=2090723 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-3b86247c11' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 04, 2022
•Critical
Fedora
203
security advisorymemory leaklocal exploitationMageia 7 and 8: 2021-0295 Moderate Vulnerability in Kernel-Linus Detected
This kernel-linus update is based on upstream 5.10.46 and fixes atleast the following security issues: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an . MGASA-2021-0295 - Updated kernel-linus packages fix security vulnerabilities Publication date: 28 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0295.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-33624, CVE-2021-34693 This kernel-linus update is based on upstream 5.10.46 and fixes atleast the following security issues: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack (CVE-2021-33624). net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693). For other upstream fixes, see the referenced changelog. References: - https://bugs.mageia.org/show_bug.cgi?id=29171 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.46 - https://www.cve.org/CVERecord?id=CVE-2021-33624 - https://www.cve.org/CVERecord?id=CVE-2021-34693 SRPMS: - 7/core/kernel-linus-5.10.46-1.mga7 - 8/core/kernel-linus-5.10.46-1.mga8 . Mageia's kernel-linus release resolves significant problems such as memory leaks and type confusion flaws.. kernel-linus update,mageia security advisory,local exploitation,system vulnerabilities. . LinuxSecurity.com Team
Jun 28, 2021
Mageia
199
security advisoryupdatecriticalCentOS 7 CESA-2018-1997 Critical: Libvirt Security Risk and Fix
Upstream details at : https://access.redhat.com/errata/RHSA-2018:1997. CentOS Errata and Security Advisory 2018:1997 Important Upstream details at : https://access.redhat.com/errata/RHSA-2018:1997 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: e03811a1f431ea68b53a6b84746d495a4207fbb84d6ca11a9a6ccc430ae470b3 libvirt-3.9.0-14.el7_5.6.x86_64.rpm cdde95ee8ec7d4ad56a7b5d3f5ae5dcf2475136317652806749788e42f598dba libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm 13529d56a49b3801188f7b310cc35e0a8804ca4b62d7ee17ad5dbe4550af39ee libvirt-client-3.9.0-14.el7_5.6.i686.rpm 666d397eeae3f3de4dd4f7ace46bbbbb4465b296b3117747178aae560f4e0ac6 libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm 4dede1413a321390c6ec917cf7bdd4175084a6f654088383908d8e2bf39e83a3 libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm 9523ef0096e2780986b610db1eb978f1b58811d1650e35af3e7aab1f59aafd1f libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm 19d65467041f9217554e91f7dd2a7454c47e284ea7c9c4aee8237918870c9b4c libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm 041df35ccf3ab065535bdaf63303c9797fc0842e9f1f59c666440bc29acb747a libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm 60aaff0899ee635ccca1ea4be9fd4b080747c4ed24624edabcc8aa905098ea8e libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm 2785a1d28bf02c6ab38b4a7c9c3d92763eef7992354f909a0761d905ae4f4f5f libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm d0b5329f0d8cf82f184d7ecfb665caf7f1b5ca995df18dbe5b312f86f95ebe6c libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm c28d13154ca30e35940da1f5fa4cbdb500b0d5def92e112dacf6f042c81b3677 libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm 63858e32e69b0d22cb5ba67c7f70f047b859712c06a0bbb1ac8e8b3beccb6038 libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm 3a617e726488421d26f9b3814b88e857e5fadaa1347144839d4af7b18bd6c314 libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm d5c06bcf4ce75abb7b0cd757149fc26b31cc986c8d011c4fe62798761da985c4 libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm e8fb06888ff9bdf55bb267f4f590eac7b587923bc65cdf1defe0340daea7cd16 libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm 8c4959bdd8018a9056a2e1e3c51c5da0f552ed24531f8f8d252353c75b91c6d7 libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm 63bfce2ecaadcdbf0797a61f1ff9b5f386e52794732f2b86a6f54e67cf30e32e libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm 3993c0ba41fadb2fc58bd7689647c31c088deec1e3ad02f3f72263b6bb2cedca libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm 731316c3cd49c0756477f02f2c8c59b292dc0ab68c05d618b15d7dfdb58919c3 libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm 6ed1618260503e946cc137d957bf3a752a42f9cc0e830339b4cb4e09e1f62d8f libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm c5f1db08043598bdf1583ad68a026de50c9bc3d4f865e32088c7a9819dc90212 libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm b1c27a345f1e525dfde3bb129c862532cf3e4561a9ff5508f5b6d63162e63e50 libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm e2c8863dcad346b2cea9eba6c06035430e1acee9ec805448155a8ce958690916 libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm 4e193a27c641b361adfe0a51e4045f92beb234b4beea5a139c9d2ee5bfa8544f libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm a8b68940a291067cd168a62e96dda45bb6e0aa4263f542f5e1675677274b33d9 libvirt-devel-3.9.0-14.el7_5.6.i686.rpm 3b97bd560ebaa40bc5801e1cdc7555b321f64c3d921c03af9e120b67c81f6959 libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm d655fccc85574e837760a8ac312c4cdccb6e65ce80b68c75fd3f577c81fe6164 libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm 2ad925805c91e1c4935594bdef0b8eb4cb098f4e72f597939c95d19faadc2d65 libvirt-libs-3.9.0-14.el7_5.6.i686.rpm 141d6895f0f7019fea923016ba1fc5ec2bd9f1779ccea79ffbb713d550406a16 libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm 8c47b582f7bcb860a98ef88f8b1d0cd06294d06d6c4b5e08a9a0ad76041b3da0 libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm 6cf8837129e639527b0b867afffaf29c8564eb2879629afd0b730e4f89360e33 libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm 082e0df2f3ed50b7d9aa78699ae3a0b366ce9b5f136e729394ef87dd9d80208c libvirt-nss-3.9.0-14.el7_5.6.i686.rpm 1cce084795f5cca7d1eb85fa17a4777f2517f89b69eae8b8b09948d7b9457222 libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm Source: ce17f2fd2ad6d3fabfa56a415b5abd730533723ed214f2dc63856d75d10b0a71 libvirt-3.9.0-14.el7_5.6.src.rpm -- Johnny Hughes CentOS Project { https://www.centos.org/ } irc: hughesjr, #
Jul 03, 2018
•Critical
CentOS
172
security advisorymoderatedenial of serviceUbuntu 10.04 LTS USN-1572-1 Moderate Kernel Denial Of Service
Several security issues were fixed in the kernel.. =========================================================================Ubuntu Security Notice USN-1572-1 September 19, 2012 linux vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412) Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430) A flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-2.6.32-43-386 2.6.32-43.97 linux-image-2.6.32-43-generic 2.6.32-43.97 linux-image-2.6.32-43-generic-pae 2.6.32-43.97 linux-image-2.6.32-43-ia64 2.6.32-43.97 linux-image-2.6.32-43-lpia 2.6.32-43.97 linux-image-2.6.32-43-powerpc 2.6.32-43.97 linux-image-2.6.32-43-powerpc-smp 2.6.32-43.97 linux-image-2.6.32-43-powerpc64-smp 2.6.32-43.97 linux-image-2.6.32-43-preempt 2.6.32-43.97 linux-image-2.6.32-43-server 2.6.32-43.97 linux-image-2.6.32-43-sparc64 2.6.32-43.97 linux-image-2.6.32-43-sparc64-smp 2.6.32-43.97 linux-image-2.6.32-43-versatile 2.6.32-43.97 linux-image-2.6.32-43-virtual 2.6.32-43.97 After a standard system update you need to reboot your computer to make allthe necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-1572-1 CVE-2012-3412, CVE-2012-3430, CVE-2012-3511 Package Information: https://launchpad.net/ubuntu/+source/linux/2.6.32-43.97 . Multiple vulnerabilities addressed in the Ubuntu kernel, impacting local machine integrity and presenting possible denial of service scenarios.. Ubuntu Kernel Security, Local Exploits, Security Patches. . Severity: Important. LinuxSecurity.com Team
Sep 19, 2012
•Important
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!