In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after cancel_work_sync() had been called. Move the call to cancel_work_sync() to be after nvme_fc_delete_association() to ensure ->ioerr_work is not running when the nvme_fc_ctrl object is freed. Otherwise the following can occur: [ 1135.911754] list_del corruption, ff2d24c8093f31f8->next is NULL [ 1135.917705] ------------[ cut here ]------------ [ 1135.922336] kernel BUG at lib/list_debug.c:52! [ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary) [ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025 [ 1135.950969] Workqueue: 0x0 (nvme-wq) [ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f [ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff <0f> 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b [ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046 [ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000 [ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0 [ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08 [ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100 [ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0 [ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000 [ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0 [ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 1136.055910] PKRU: 55555554 [ 1136.058623] Call Trace: [ 1136.061074] <TASK> [ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.071898] ? move_linked_works+0x4a/0xa0 [ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.081744] ? __die_body.cold+0x8/0x12 [ 1136.085584] ? die+0x2e/0x50 [ 1136.088469] ? do_trap+0xca/0x110 [ 1136.091789] ? do_error_trap+0x65/0x80 [ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.101289] ? exc_invalid_op+0x50/0x70 [ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20 [ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.120806] move_linked_works+0x4a/0xa0 [ 1136.124733] worker_thread+0x216/0x3a0 [ 1136.128485] ? __pfx_worker_thread+0x10/0x10 [ 1136.132758] kthread+0xfa/0x240 [ 1136.135904] ? __pfx_kthread+0x10/0x10 [ 1136.139657] ret_from_fork+0x31/0x50 [ 1136.143236] ? __pfx_kthread+0x10/0x10 [ 1136.146988] ret_from_fork_asm+0x1a/0x30 [ 1136.150915] </TASK>

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8094-1 advisory.

    Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM).
    An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor     profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege     escalation, or possibly escape a container. (LP: #2143853)

    It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle     entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could     possibly use this issue to influence the values returned by the RDSEED instruction causing loss of     confidentiality and integrity. (CVE-2025-62626)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - S390 architecture;

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Compute Acceleration Framework;

    - ATM drivers;

    - Network block device driver;

    - Bluetooth drivers;

    - Data acquisition framework and drivers;

    - Hardware crypto device drivers;

    - Device frequency scaling framework;

    - Intel Stratix 10 firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - Microsoft Hyper-V drivers;

    - CoreSight HW tracing drivers;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Tablet) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - Macintosh device drivers;

    - Multiple devices driver;

    - MOST (Media Oriented Systems Transport) drivers;

    - MTD block device drivers;

    - Network drivers;

    - Mellanox network drivers;

    - Texas Instruments network drivers;

    - Ethernet team driver;

    - MediaTek network drivers;

    - NVME drivers;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - Voltage and Current Regulator drivers;

    - Real Time Clock drivers;

    - S/390 drivers;

    - SCSI subsystem;

    - Texas Instruments SoC drivers;

    - SPI subsystem;

    - Media Oriented Systems Transport (MOST) driver;

    - Realtek RTL8723BS SDIO drivers;

    - TCM subsystem;

    - UFS subsystem;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - Renesas USBHS Controller drivers;

    - USB Mass Storage drivers;

    - USB Type-C Connector System Software Interface driver;

    - Backlight driver;

    - Framebuffer layer;

    - AFS file system;

    - BFS file system;

    - BTRFS file system;

    - EROFS file system;

    - Ext4 file system;

    - FAT file system;

    - GFS2 file system;

    - Journaling layer for block devices (JBD2);

    - File systems infrastructure;

    - Network file system (NFS) client;

    - NTFS3 file system;

    - OCFS2 file system;

    - SMB network file system;

    - XFS file system;

    - BPF subsystem;

    - MediaTek SoC drivers;

    - Bluetooth subsystem;

    - io_uring subsystem;

    - Locking primitives;

    - Scheduler infrastructure;

    - Timer subsystem;

    - Tracing infrastructure;

    - Kexec HandOver (KHO);

    - Memory management;

    - Ceph Core library;

    - Networking core;

    - Devlink API;

    - IPv4 networking;

    - IPv6 networking;

    - Multipath TCP;

    - Open vSwitch;

    - Network traffic control;

    - VMware vSockets driver;

    - eXpress Data Path;

    - Integrity Measurement Architecture(IMA) framework;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - HD-audio driver;

    - Turtle Beach Wavefront ALSA driver;

    - SoundWire (SDCA) ASoC drivers; (CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249,     CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255,     CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262,     CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345,     CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218,     CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225,     CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232,     CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238,     CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259,     CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266,     CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286,     CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293,     CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299,     CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305,     CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325,     CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331,     CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337,     CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343,     CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349,     CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360,     CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367,     CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374,     CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724,     CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732,     CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741,     CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748,     CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755,     CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762,     CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8096-1 advisory.

    Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM).
    An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor     profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege     escalation, or possibly escape a container. (LP: #2143853)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - PowerPC architecture;

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - ACPI drivers;

    - ATM drivers;

    - Drivers core;

    - Network block device driver;

    - Bluetooth drivers;

    - Character device driver;

    - TPM device driver;

    - Data acquisition framework and drivers;

    - Counter interface drivers;

    - CPU frequency scaling framework;

    - Intel Stratix 10 firmware drivers;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Tablet) drivers;

    - ISDN/mISDN subsystem;

    - Macintosh device drivers;

    - Media drivers;

    - MOST (Media Oriented Systems Transport) drivers;

    - MTD block device drivers;

    - Network drivers;

    - Mellanox network drivers;

    - Texas Instruments network drivers;

    - Ethernet team driver;

    - MediaTek network drivers;

    - NVME drivers;

    - PA-RISC drivers;

    - PCI subsystem;

    - Chrome hardware platform drivers;

    - x86 platform drivers;

    - ARM PM domains;

    - Voltage and Current Regulator drivers;

    - S/390 drivers;

    - SCSI subsystem;

    - Texas Instruments SoC drivers;

    - SPI subsystem;

    - Realtek RTL8723BS SDIO drivers;

    - TCM subsystem;

    - Cadence USB3 driver;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - Renesas USBHS Controller drivers;

    - USB Mass Storage drivers;

    - USB Type-C Connector System Software Interface driver;

    - Backlight driver;

    - Framebuffer layer;

    - Watchdog drivers;

    - BFS file system;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - FUSE (File system in Userspace);

    - HFS+ file system;

    - Journaling layer for block devices (JBD2);

    - JFS file system;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - File system notification infrastructure;

    - NTFS3 file system;

    - OCFS2 file system;

    - OrangeFS file system;

    - Proc file system;

    - SMB network file system;

    - XFS file system;

    - BPF subsystem;

    - Ethernet bridge;

    - Memory management;

    - Network traffic control;

    - io_uring subsystem;

    - Locking primitives;

    - Scheduler infrastructure;

    - Shadow Call Stack mechanism;

    - Tracing infrastructure;

    - Bluetooth subsystem;

    - CAIF protocol;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - Ethtool driver;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - NET/ROM layer;

    - NFC subsystem;

    - Open vSwitch;

    - Rose network layer;

    - SCTP protocol;

    - Network sockets;

    - Sun RPC protocol;

    - TIPC protocol;

    - VMware vSockets driver;

    - Wireless networking;

    - Rust bindings mechanism;

    - Integrity Measurement Architecture(IMA) framework;

    - Key management;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - Turtle Beach Wavefront ALSA driver;

    - STMicroelectronics SoC drivers;

    - USB sound devices; (CVE-2022-49465, CVE-2024-36903, CVE-2024-36927, CVE-2024-37354, CVE-2024-41014,     CVE-2024-46830, CVE-2024-47666, CVE-2024-49968, CVE-2025-22022, CVE-2025-22111, CVE-2025-22121,     CVE-2025-38022, CVE-2025-38129, CVE-2025-38556, CVE-2025-40040, CVE-2025-40083, CVE-2025-40110,     CVE-2025-40211, CVE-2025-40248, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257,     CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264,     CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277,     CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283,     CVE-2025-40304, CVE-2025-40306, CVE-2025-40308, CVE-2025-40309, CVE-2025-40312, CVE-2025-40313,     CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40319, CVE-2025-40321, CVE-2025-40322,     CVE-2025-40324, CVE-2025-40331, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40360,     CVE-2025-40363, CVE-2025-68168, CVE-2025-68176, CVE-2025-68177, CVE-2025-68185, CVE-2025-68191,     CVE-2025-68192, CVE-2025-68194, CVE-2025-68200, CVE-2025-68204, CVE-2025-68217, CVE-2025-68220,     CVE-2025-68227, CVE-2025-68229, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245,     CVE-2025-68254, CVE-2025-68255, CVE-2025-68257, CVE-2025-68258, CVE-2025-68261, CVE-2025-68264,     CVE-2025-68266, CVE-2025-68282, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287,     CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68301, CVE-2025-68302,     CVE-2025-68303, CVE-2025-68308, CVE-2025-68312, CVE-2025-68321, CVE-2025-68325, CVE-2025-68327,     CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68335, CVE-2025-68336,     CVE-2025-68337, CVE-2025-68339, CVE-2025-68344, CVE-2025-68346, CVE-2025-68349, CVE-2025-68354,     CVE-2025-68362, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68372, CVE-2025-68724,     CVE-2025-68727, CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68734, CVE-2025-68740,     CVE-2025-68746, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68764, CVE-2025-68765,     CVE-2025-68767, CVE-2025-68769, CVE-2025-68771, CVE-2025-68774, CVE-2025-68776, CVE-2025-68777,     CVE-2025-68780, CVE-2025-68782, CVE-2025-68783, CVE-2025-68785, CVE-2025-68787, CVE-2025-68788,     CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801,     CVE-2025-68803, CVE-2025-68804, CVE-2025-68808, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815,     CVE-2025-68816, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-71064,     CVE-2025-71066, CVE-2025-71068, CVE-2025-71069, CVE-2025-71075, CVE-2025-71077, CVE-2025-71078,     CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085,     CVE-2025-71086, CVE-2025-71087, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71096,     CVE-2025-71097, CVE-2025-71098, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71108,     CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71116, CVE-2025-71118,     CVE-2025-71120, CVE-2025-71121, CVE-2025-71125, CVE-2025-71127, CVE-2025-71131, CVE-2025-71132,     CVE-2025-71133, CVE-2025-71136, CVE-2025-71137, CVE-2025-71147, CVE-2025-71154, CVE-2025-71180,     CVE-2025-71182, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22980, CVE-2026-22982,     CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-23019, CVE-2026-23020,     CVE-2026-23021, CVE-2026-23047)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8095-1 advisory.

    Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM).
    An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor     profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege     escalation, or possibly escape a container. (LP: #2143853)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - Nios II architecture;

    - PA-RISC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - Sun Sparc architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Xtensa architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Compute Acceleration Framework;

    - ACPI drivers;

    - ATM drivers;

    - Drivers core;

    - Block device driver;

    - Network block device driver;

    - Bluetooth drivers;

    - Bus devices;

    - Hardware random number generator core;

    - Character device driver;

    - Data acquisition framework and drivers;

    - CPU frequency scaling framework;

    - Hardware crypto device drivers;

    - Device frequency scaling framework;

    - DMA engine subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - Intel Stratix 10 firmware drivers;

    - GPU drivers;

    - HID subsystem;

    - CoreSight HW tracing drivers;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - Input Device (Tablet) drivers;

    - IOMMU subsystem;

    - ISDN/mISDN subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - MOST (Media Oriented Systems Transport) drivers;

    - MTD block device drivers;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - STMicroelectronics network drivers;

    - Texas Instruments network drivers;

    - Ethernet team driver;

    - NVME drivers;

    - PCI subsystem;

    - PCCARD (PCMCIA/CardBus) bus subsystem;

    - Performance monitor drivers;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - ARM PM domains;

    - PPS (Pulse Per Second) driver;

    - PTP clock framework;

    - PWM drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - Texas Instruments SoC drivers;

    - TCM subsystem;

    - Trusted Execution Environment drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - Cadence USB3 driver;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - Renesas USBHS Controller drivers;

    - USB Mass Storage drivers;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - AFS file system;

    - BTRFS file system;

    - Ceph distributed file system;

    - File systems infrastructure;

    - EFI Variable file system;

    - exFAT file system;

    - Ext4 file system;

    - F2FS file system;

    - FUSE (File system in Userspace);

    - GFS2 file system;

    - HFS file system;

    - HFS+ file system;

    - HugeTLB file system;

    - JFS file system;

    - KERNFS file system;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - File system notification infrastructure;

    - NTFS3 file system;

    - OCFS2 file system;

    - OrangeFS file system;

    - Proc file system;

    - Diskquota system;

    - SMB network file system;

    - SquashFS file system;

    - UDF file system;

    - XFS file system;

    - Asynchronous Transfer Mode (ATM) subsystem;

    - BPF subsystem;

    - Mellanox drivers;

    - NFS page cache wrapper;

    - Memory management;

    - Memory Management;

    - Media input infrastructure;

    - Bluetooth subsystem;

    - IP tunnels definitions;

    - Network traffic control;

    - Rose network layer;

    - Network sockets;

    - io_uring subsystem;

    - Control group (cgroup);

    - Kernel crash support code;

    - Kernel futex primitives;

    - PID allocator;

    - Scheduler infrastructure;

    - Syscalls implementation;

    - Timer subsystem;

    - Tracing infrastructure;

    - 9P file system network protocol;

    - Amateur Radio drivers;

    - B.A.T.M.A.N. meshing protocol;

    - Ethernet bridge;

    - Ceph Core library;

    - Networking core;

    - Devlink API;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - NFC subsystem;

    - Open vSwitch;

    - RF switch subsystem;

    - SCTP protocol;

    - SMC sockets;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - VMware vSockets driver;

    - Wireless networking;

    - eXpress Data Path;

    - XFRM subsystem;

    - Integrity Measurement Architecture(IMA) framework;

    - Intel ASoC drivers;

    - QCOM ASoC drivers;

    - USB sound devices; (CVE-2025-21833, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107,     CVE-2025-22113, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-23129, CVE-2025-23130,     CVE-2025-23133, CVE-2025-23143, CVE-2025-37860, CVE-2025-38105, CVE-2025-38502, CVE-2025-38556,     CVE-2025-38627, CVE-2025-38643, CVE-2025-38709, CVE-2025-39678, CVE-2025-39697, CVE-2025-39805,     CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812,     CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824,     CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832,     CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842,     CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848,     CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854,     CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865,     CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876,     CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886,     CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901,     CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914,     CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931,     CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942,     CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949,     CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957,     CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970,     CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980,     CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988,     CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998,     CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010,     CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024,     CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032,     CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042,     CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051,     CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058,     CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068,     CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080,     CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088,     CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099,     CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106,     CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115,     CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124,     CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137,     CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156,     CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169,     CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179,     CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193,     CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40204,     CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218, CVE-2025-40219,     CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233,     CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243,     CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252,     CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261,     CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269,     CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278,     CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284,     CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292,     CVE-2025-40293, CVE-2025-40294, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305,     CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311,     CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318,     CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324,     CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339,     CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347,     CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360,     CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176,     CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184,     CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198,     CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214,     CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223,     CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237,     CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249,     CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287,     CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301,     CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310,     CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321,     CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339,     CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8100-1 advisory.

    Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM).
    An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor     profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege     escalation, or possibly escape a container. (LP: #2143853)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - Nios II architecture;

    - PA-RISC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - Sun Sparc architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Xtensa architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Compute Acceleration Framework;

    - ACPI drivers;

    - ATM drivers;

    - Drivers core;

    - Block device driver;

    - Network block device driver;

    - Bluetooth drivers;

    - Bus devices;

    - Hardware random number generator core;

    - Character device driver;

    - Data acquisition framework and drivers;

    - CPU frequency scaling framework;

    - Hardware crypto device drivers;

    - Device frequency scaling framework;

    - DMA engine subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - Intel Stratix 10 firmware drivers;

    - GPU drivers;

    - HID subsystem;

    - CoreSight HW tracing drivers;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - Input Device (Tablet) drivers;

    - IOMMU subsystem;

    - ISDN/mISDN subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - MOST (Media Oriented Systems Transport) drivers;

    - MTD block device drivers;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - STMicroelectronics network drivers;

    - Texas Instruments network drivers;

    - Ethernet team driver;

    - NVME drivers;

    - PCI subsystem;

    - PCCARD (PCMCIA/CardBus) bus subsystem;

    - Performance monitor drivers;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - ARM PM domains;

    - PPS (Pulse Per Second) driver;

    - PTP clock framework;

    - PWM drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - Texas Instruments SoC drivers;

    - SPI subsystem;

    - TCM subsystem;

    - Trusted Execution Environment drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - Cadence USB3 driver;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - Renesas USBHS Controller drivers;

    - USB Mass Storage drivers;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - AFS file system;

    - BTRFS file system;

    - Ceph distributed file system;

    - File systems infrastructure;

    - EFI Variable file system;

    - exFAT file system;

    - Ext4 file system;

    - F2FS file system;

    - FUSE (File system in Userspace);

    - GFS2 file system;

    - HFS file system;

    - HFS+ file system;

    - HugeTLB file system;

    - JFS file system;

    - KERNFS file system;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - File system notification infrastructure;

    - NTFS3 file system;

    - OCFS2 file system;

    - OrangeFS file system;

    - Proc file system;

    - Diskquota system;

    - SMB network file system;

    - SquashFS file system;

    - UDF file system;

    - XFS file system;

    - Asynchronous Transfer Mode (ATM) subsystem;

    - BPF subsystem;

    - Mellanox drivers;

    - NFS page cache wrapper;

    - Memory management;

    - Memory Management;

    - Media input infrastructure;

    - Bluetooth subsystem;

    - IP tunnels definitions;

    - Network traffic control;

    - Rose network layer;

    - Network sockets;

    - io_uring subsystem;

    - Control group (cgroup);

    - Kernel crash support code;

    - Kernel futex primitives;

    - PID allocator;

    - Scheduler infrastructure;

    - Syscalls implementation;

    - Timer subsystem;

    - Tracing infrastructure;

    - 9P file system network protocol;

    - Amateur Radio drivers;

    - B.A.T.M.A.N. meshing protocol;

    - Ethernet bridge;

    - Ceph Core library;

    - Networking core;

    - Devlink API;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - NFC subsystem;

    - Open vSwitch;

    - RF switch subsystem;

    - SCTP protocol;

    - SMC sockets;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - VMware vSockets driver;

    - Wireless networking;

    - eXpress Data Path;

    - XFRM subsystem;

    - Integrity Measurement Architecture(IMA) framework;

    - Intel ASoC drivers;

    - QCOM ASoC drivers;

    - USB sound devices; (CVE-2025-21833, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107,     CVE-2025-22113, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-23129, CVE-2025-23130,     CVE-2025-23133, CVE-2025-23143, CVE-2025-37860, CVE-2025-38105, CVE-2025-38502, CVE-2025-38556,     CVE-2025-38627, CVE-2025-38643, CVE-2025-38709, CVE-2025-39678, CVE-2025-39697, CVE-2025-39805,     CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812,     CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824,     CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832,     CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842,     CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848,     CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854,     CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865,     CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876,     CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886,     CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901,     CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914,     CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931,     CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942,     CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949,     CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957,     CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970,     CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980,     CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988,     CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998,     CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010,     CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024,     CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032,     CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042,     CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051,     CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058,     CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068,     CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080,     CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088,     CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099,     CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106,     CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115,     CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124,     CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137,     CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156,     CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169,     CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179,     CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193,     CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40204,     CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218, CVE-2025-40219,     CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233,     CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243,     CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252,     CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261,     CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269,     CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278,     CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284,     CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292,     CVE-2025-40293, CVE-2025-40294, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305,     CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311,     CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318,     CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324,     CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339,     CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347,     CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360,     CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176,     CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184,     CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198,     CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214,     CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223,     CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237,     CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249,     CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287,     CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301,     CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310,     CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321,     CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339,     CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734, CVE-2026-23202, CVE-2026-23207)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20287-1 advisory.

    The SUSE Linux Enterprise 16.0 and SL MIxro 6.2 kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2025-40147: blk-throttle: fix access race during throttle policy activation (bsc#1253344).
    - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
    - CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
    - CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
    - CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
    - CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
    - CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
    - CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
    - CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
    - CVE-2025-68211: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item     (bsc#1255319).
    - CVE-2025-68218: nvme-multipath: fix lockdep WARN due to partition scan work (bsc#1255245).
    - CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
    - CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
    - CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
    - CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
    - CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
    - CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
    - CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
    - CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
    - CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted     (bsc#1255482).
    - CVE-2025-68341: veth: reduce XDP no_direct return section to fix race (bsc#1255506).
    - CVE-2025-68348: block: fix memory leak in __blkdev_issue_zero_pages (bsc#1255694).
    - CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid     (bsc#1255544).
    - CVE-2025-68356: gfs2: Prevent recursive memory reclaim (bsc#1255593).
    - CVE-2025-68359: btrfs: fix double free of qgroup record after failure to add delayed ref head     (bsc#1255542).
    - CVE-2025-68360: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks (bsc#1255536).
    - CVE-2025-68361: erofs: limit the level of fs stacking for file-backed mounts (bsc#1255526).
    - CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
    - CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
    - CVE-2025-68368: md: init bioset in mddev_init (bsc#1255527).
    - CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
    - CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
    - CVE-2025-68376: coresight: ETR: Fix ETR buffer use-after-free issue (bsc#1255529).
    - CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
    - CVE-2025-68735: drm/panthor: Prevent potential UAF in group creation (bsc#1255811).
    - CVE-2025-68741: scsi: qla2xxx: Fix improper freeing of purex item (bsc#1255703).
    - CVE-2025-68743: mshv: Fix create memory region overlap check (bsc#1255708).
    - CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
    - CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
    - CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
    - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
    - CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
    - CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
    - CVE-2025-68784: xfs: fix a UAF problem in xattr repair (bsc#1256793).
    - CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
    - CVE-2025-68792: tpm2-sessions: Fix out of range indexing in name_size (bsc#1256656).
    - CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
    - CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
    - CVE-2025-68799: caif: fix integer underflow in cffrml_receive() (bsc#1256643).
    - CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats     (bsc#1256646).
    - CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
    - CVE-2025-68803: NFSD: NFSv4 file creation neglects setting ACL (bsc#1256770).
    - CVE-2025-68811: svcrdma: use rc_pageoff for memcpy byte offset (bsc#1256677).
    - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
    - CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
    - CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict     (bsc#1256680).
    - CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
    - CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
    - CVE-2025-68821: fuse: fix readahead reclaim deadlock (bsc#1256667).
    - CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
    - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change     (bsc#1256645).
    - CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
    - CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).
    - CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
    - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
    - CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
    - CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
    - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
    - CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed()     (bsc#1256773).
    - CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
    - CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
    - CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
    - CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects     (bsc#1256607).
    - CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
    - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
    - CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
    - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf     (bsc#1256779).
    - CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
    - CVE-2025-71126: mptcp: avoid deadlock on fallback while reinjecting (bsc#1256755).
    - CVE-2025-71132: smc91x: fix broken irq-context in PREEMPT_RT (bsc#1256737).
    - CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
    - CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()     (bsc#1256761).
    - CVE-2025-71137: octeontx2-pf: fix UBSAN: shift-out-of-bounds error (bsc#1256760).
    - CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
    - CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
    - CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
    - CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).
    - CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset     (bsc#1257035).
    - CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
    - CVE-2026-22981: idpf: detach and close netdevs while handling a reset (bsc#1257225).
    - CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
    - CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
    - CVE-2026-22986: gpiolib: fix race condition for gdev->srcu (bsc#1257276).
    - CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
    - CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
    - CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
    - CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
    - CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
    - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
    - CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
    - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
    - CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
    - CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).

    The following non security issues were fixed:

    - ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
    - Add bugnumber to an existing hv_netvsc change (bsc#1257473).
    - Fix locking issue introduced by a CVE backport (bsc#1256975 bsc#1254977).
    - Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
    - arm64: Update config files. Disable DEVPORT (bsc#1256792)
    - bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
    - bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
    - btrfs: pass fs_info to btrfs_delete_ref_head() (git-fixes).
    - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
    - bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906 git-fixes).
    - drm/imagination: Wait for FW trace update command completion (git-fixes).
    - drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
    - ice: use netif_get_num_default_rss_queues() (bsc#1247712).
    - libbpf: Fix -Wdiscarded-qualifiers under C23 (bsc#1257309).
    - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
    - net: mana: Fix incorrect speed reported by debugfs (bsc#1255232).
    - net: mana: Support HW link state events (bsc#1253049).
    - nfsd: adjust WARN_ON_ONCE in revoke_delegation (bsc#1257015).
    - nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).
    - powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
    - sched/fair: Disable scheduler feature NEXT_BUDDY (bsc#1255459).
    - scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256864).
    - scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256864).
    - scsi: qla2xxx: Add Speed in SFP print information (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256865 bsc#1256867     jsc#PED-14156).
    - scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256865 bsc#1256867     jsc#PED-14156).
    - scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Allow recovery for tape devices (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256865 bsc#1256867     jsc#PED-14156).
    - scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256865 bsc#1256867 jsc#PED-14156).
    - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
    - selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
    - slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906 git-fixes).
    - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
    - smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
    - smb: improve directory cache reuse for readdir operations (bsc#1252712).
    - tsm-mr: Add TVM Measurement Register support (bsc#1257504).
    - tsm-mr: Add tsm-mr sample code (bsc#1257504).
    - virt: tdx-guest: Expose TDX MRs as sysfs attributes (bsc#1257504).
    - virt: tdx-guest: Refactor and streamline TDREPORT generation (bsc#1257504).
    - virt: tdx-guest: Transition to scoped_cond_guard for mutex operations (bsc#1257504).
    - wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
    - x86/tdx: Add tdx_mcall_extend_rtmr() interface (bsc#1257504).
    - x86/tdx: tdx_mcall_get_report0: Return -EBUSY on TDCALL_OPERAND_BUSY error (bsc#1257504).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50113 advisory.

    - sunrpc: fix client side handling of tls alerts (Olga Kornievskaia)  [Orabug: 38334981]  {CVE-2025-38571}
    - sunrpc: fix handling of server side tls alerts (Olga Kornievskaia)  [Orabug: 38334968]  {CVE-2025-38566}
    - xfrm: delete x->tunnel as we delete x (Sabrina Dubroca)  [Orabug: 38730492]  {CVE-2025-40215}
    - net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (Xiang Mei) [Orabug: 38783137]     {CVE-2025-68325}
    - fuse: fix readahead reclaim deadlock (Joanne Koong) [Orabug: 38847946] {CVE-2025-68821}
    - PCI/AER: Avoid NULL pointer dereference in aer_ratelimit() (Breno Leitao) [Orabug: 38597010]     {CVE-2025-40034}
    - mlx5: Fix default values in create CQ (Akiva Goldberger) [Orabug: 38420735,38773370] {CVE-2025-68209}
    - scsi: megaraid_sas: Fix invalid node index (Chen Yu) [Orabug: 38175026] {CVE-2025-38239}
    - RDMA/mlx5: Fix a WARN during dereg_mr for DM type (Yishai Hadas) [Orabug: 37766291,38463999]     {CVE-2025-21888}
    - scsi: pm80xx: Set phy->enable_completion only when we (Igor Pylypiv) [Orabug: 37159744] {CVE-2024-47666}
    - usb: renesas_usbhs: Fix synchronous external abort on unbind (Claudiu Beznea) [Orabug: 38792571]     {CVE-2025-68327}
    - smb: client: fix memory leak in cifs_construct_tcon() (Paulo Alcantara) [Orabug: 38773704]     {CVE-2025-68295}
    - mptcp: Fix proto fallback detection with BPF (Jiayuan Chen) [Orabug: 38773435] {CVE-2025-68227}
    - libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (Ziming Zhang) [Orabug:
    38773649] {CVE-2025-68284}
    - libceph: fix potential use-after-free in have_mon_and_osd_map() (Ilya Dryomov) [Orabug: 38773655]     {CVE-2025-68285}
    - drm/amd/display: Check NULL before accessing (Alex Hung) [Orabug: 38773664] {CVE-2025-68286}
    - usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (Manish Nagar)     [Orabug: 38773671] {CVE-2025-68287}
    - usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (Owen Gu)     [Orabug: 38792593] {CVE-2025-68331}
    - usb: storage: sddr55: Reject out-of-bound new_pba (Tianchu Chen) [Orabug: 38762730] {CVE-2025-40345}
    - usb: storage: Fix memory leak in USB bulk transport (Desnes Nunes) [Orabug: 38773677]     {CVE-2018-1000204,CVE-2025-68288}
    - usb: gadget: f_eem: Fix memory leak in eem_unwrap (Kuen-Han Tsai) [Orabug: 38773687] {CVE-2025-68289}
    - iio: accel: bmc150: Fix irq assumption regression (Linus Walleij) [Orabug: 38792587] {CVE-2025-68330}
    - net: atlantic: fix fragment overflow handling in RX path (Jiefeng Zhang) [Orabug: 38773729]     {CVE-2025-68301}
    - can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (Seungjin Bae) [Orabug: 38773760]     {CVE-2025-68308}
    - mptcp: fix a race in mptcp_pm_del_add_timer() (Eric Dumazet) [Orabug: 38730656] {CVE-2025-40257}
    - net: netpoll: fix incorrect refcount handling causing incorrect cleanup (Breno Leitao) [Orabug:
    38773509] {CVE-2025-68245}
    - btrfs: fix crash on racing fsync and size-extending write into prealloc (Omar Sandoval) [Orabug:
    36774582] {CVE-2024-37354}
    - mm/secretmem: fix use-after-free race in fault handler (Lance Yang) [Orabug: 38737039] {CVE-2025-40272}
    - vsock: Ignore signal/timeout on connect() if already established (Michal Luczaj) [Orabug:
    38730611,38786193,38788594] {CVE-2025-40248}
    - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (Pavel     Zhigulin) [Orabug: 38730629] {CVE-2025-40252}
    - net: openvswitch: remove never-working support for setting nsh fields (Ilya Maximets) [Orabug: 38730648]     {CVE-2025-40254}
    - mptcp: fix race condition in mptcp_schedule_work() (Eric Dumazet) [Orabug: 38730659] {CVE-2025-40258}
    - scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() (Hamza Mahfooz) [Orabug: 38773440]     {CVE-2025-68229}
    - scsi: sg: Do not sleep in atomic context (Bart Van Assche) [Orabug: 38730663] {CVE-2025-40259}
    - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [Orabug:
    38730673] {CVE-2025-40261}
    - Input: cros_ec_keyb - fix an invalid memory access (Tzung-Bi Shih) [Orabug: 38730680] {CVE-2025-40263}
    - be2net: pass wrb_params in case of OS2BMC (Andrey Vatoropin) [Orabug: 38730689] {CVE-2025-40264}
    - isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (Abdun Nihaal) [Orabug: 38798907]     {CVE-2025-68734}
    - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (Takashi Iwai) [Orabug: 38737023]     {CVE-2025-40269}
    - fs/proc: fix uaf in proc_readdir_de() (Wei Yang) [Orabug: 38737033,38786194,38788587] {CVE-2025-40271}
    - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (Chuang Wang) [Orabug: 38773495]     {CVE-2025-68241}
    - NFSD: free copynotify stateid in nfs4_free_ol_stateid() (Olga Kornievskaia) [Orabug: 38737042]     {CVE-2025-40273}
    - mm/ksm: fix flag-dropping behavior in ksm_madvise (Jakub Acs) [Orabug: 38592026] {CVE-2025-40040}
    - bpf: Add bpf_prog_run_data_pointers() (Eric Dumazet) [Orabug: 38773327] {CVE-2025-68200}
    - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (Haein Lee) [Orabug:
    38737051] {CVE-2025-40275}
    - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (Ian Forbes) [Orabug: 38737060]     {CVE-2025-40277}
    - net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (Ranganath V N) [Orabug: 38737072]     {CVE-2025-40279}
    - tipc: Fix use-after-free in tipc_mon_reinit_self(). (Kuniyuki Iwashima) [Orabug:
    38737082,38786195,38788585] {CVE-2025-40280}
    - sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto (Eric Dumazet) [Orabug:
    38737090] {CVE-2025-40281}
    - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (Raphael Pinsonneault-Thibeault)     [Orabug: 38737103] {CVE-2025-40283}
    - drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (Janusz Krzysztofik) [Orabug:
    38773506] {CVE-2025-68244}
    - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (Qendrim Maxhuni) [Orabug: 38773282]     {CVE-2025-68192}
    - sctp: Prevent TOCTOU out-of-bounds write (Stefan Wiehler) [Orabug: 38747446] {CVE-2025-40331}
    - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (Albin Babu Varghese) [Orabug:
    38737181] {CVE-2025-40304}
    - Bluetooth: bcsp: receive data only if registered (Ivan Pravdin) [Orabug: 38737212] {CVE-2025-40308}
    - Bluetooth: SCO: Fix UAF on sco_conn_free (Luiz Augusto von Dentz) [Orabug: 38737223] {CVE-2025-40309}
    - fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock (Chuguangqing) [Orabug: 38773127]     {CVE-2025-40361}
    - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (Al Viro) [Orabug:
    38773244] {CVE-2025-68185}
    - page_pool: always add GFP_NOWARN for ATOMIC allocations (Jakub Kicinski) [Orabug: 38773835]     {CVE-2025-68321}
    - udp_tunnel: use netdev_warn() instead of netdev_WARN() (Alok Tiwari) [Orabug: 38773275] {CVE-2025-68191}
    - media: imon: make send_packet() more robust (Tetsuo Handa) [Orabug: 38773297] {CVE-2025-68194}
    - net: ipv6: fix field-spanning memcpy warning in AH output (Charalampos Mitrodimas) [Orabug: 38773140]     {CVE-2025-40363}
    - nvme-fc: use lock accessing port_state and rport state (Daniel Wagner) [Orabug: 38747531]     {CVE-2025-40342}
    - nvmet-fc: avoid scheduling association deletion twice (Daniel Wagner) [Orabug: 38747538]     {CVE-2025-40343}
    - drm/sysfb: Do not dereference NULL pointer in plane reset (Thomas Zimmermann) [Orabug: 38773123]     {CVE-2025-40360}
    - usbnet: Prevents free active kevent (Lizhi Xu) [Orabug: 38773783] {CVE-2025-68312}
    - bpf: Sync pending IRQ work before freeing ring buffer (Noorain Eqbal) [Orabug: 38737284]     {CVE-2025-40319}
    - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (Gokul Sivakumar) [Orabug:
    38737291] {CVE-2025-40321}
    - fbdev: bitblit: bound-check glyph index in bit_putcs* (Junjie Cao) [Orabug: 38737300] {CVE-2025-40322}
    - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (Yuhao Jiang) [Orabug: 38687004]     {CVE-2025-40211}
    - NFSD: Fix crash in nfsd4_read_release() (Chuck Lever) [Orabug: 38737315] {CVE-2025-40324}
    - net/sched: sch_qfq: Fix null-deref in agg_dequeue (Xiang Mei) [Orabug: 38597084] {CVE-2025-40083}
    - mm/hugetlb: add option to allows disabling CVE-2025-38085 mitigation (Joe Jin) [Orabug: 38728358]     {CVE-2025-38085}
    - netfilter: nf_tables: reject duplicate device on updates (Pablo Neira Ayuso) [Orabug: 38389767,38744086]     {CVE-2025-38678}
    - net/mlx5: Clean up only new IRQ glue on request_irq() failure (Pradyumn Rahar) [Orabug:
    37961220,38730620] {CVE-2025-40250}
    - bnxt_en: Fix memory corruption when FW resources change during ifdown (Sreekanth Reddy) [Orabug:
    38440240] {CVE-2025-39810}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0473-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2022-50347: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (bsc#1249928).
    - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time (bsc#1252542).
    - CVE-2022-50676: net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()     (bsc#1254689).
    - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
    - CVE-2022-50709: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (bsc#1255565).
    - CVE-2022-50716: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (bsc#1255839).
    - CVE-2022-50717: nvmet-tcp: add bounds check on Transfer Tag (bsc#1255844).
    - CVE-2022-50719: ALSA: line6: fix stack overflow in line6_midi_transmit (bsc#1255939).
    - CVE-2022-50740: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()     (bsc#1256155).
    - CVE-2022-50744: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (bsc#1256165).
    - CVE-2022-50749: acct: fix potential integer overflow in encode_comp_t() (bsc#1256191).
    - CVE-2022-50751: configfs: fix possible memory leak in configfs_create_dir() (bsc#1256184).
    - CVE-2022-50760: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (bsc#1255983).
    - CVE-2022-50770: ocfs2: fix memory leak in ocfs2_mount_volume() (bsc#1256221).
    - CVE-2022-50777: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (bsc#1256320).
    - CVE-2022-50780: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed (bsc#1256305).
    - CVE-2022-50782: ext4: fix bug_on in __es_tree_search caused by bad quota inode (bsc#1256282).
    - CVE-2022-50786: media: s5p-mfc: Clear workbit to handle error condition (bsc#1256258).
    - CVE-2022-50816: ipv6: ensure sane device mtu in tunnels (bsc#1256038).
    - CVE-2022-50834: nfc: Fix potential resource leaks (bsc#1256219).
    - CVE-2022-50865: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (bsc#1256168).
    - CVE-2022-50868: hwrng: amd - Fix PCI device refcount leak (bsc#1256386).
    - CVE-2022-50880: wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (bsc#1256132).
    - CVE-2022-50881: ath9k: Fix typo in function name (bsc#1256130).
    - CVE-2022-50884: drm: Prevent drm_copy_field() to attempt copying a NULL pointer (bsc#1256127).
    - CVE-2022-50885: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed     (bsc#1256122).
    - CVE-2022-50887: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()     (bsc#1256125).
    - CVE-2023-50756: nvme-pci: fix mempool alloc size (bsc#1256216).
    - CVE-2023-53685: tun: Fix memory leak for detached NAPI queue (bsc#1251770).
    - CVE-2023-53747: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF     (bsc#1254572).
    - CVE-2023-53751: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname (bsc#1254986).
    - CVE-2023-53825: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg() (bsc#1254707).
    - CVE-2023-53853: netlink: annotate accesses to nlk->cb_running (bsc#1254673).
    - CVE-2023-53863: netlink: do not hard code device address lenth in fdb dumps (bsc#1254657).
    - CVE-2023-53992: wifi: cfg80211: ocb: don't leave if not joined (bsc#1256058).
    - CVE-2023-54012: net: fix stack overflow when LRO is disabled for virtual interfaces (bsc#1255571).
    - CVE-2023-54047: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind (bsc#1256398).
    - CVE-2023-54048: RDMA/bnxt_re: Prevent handling any completions after qp destroy (bsc#1256395).
    - CVE-2023-54067: btrfs: fix race when deleting free space root from the dirty cow roots list     (bsc#1256369).
    - CVE-2023-54111: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups (bsc#1256149).
    - CVE-2023-54112: kcm: Fix memory leak in error path of kcm_sendmsg() (bsc#1256354).
    - CVE-2023-54118: serial: sc16is7xx: setup GPIO controller later in probe (bsc#1256131).
    - CVE-2023-54121: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range (bsc#1256267).
    - CVE-2023-54134: autofs: fix memory leak of waitqueues in autofs_catatonic_mode (bsc#1256106).
    - CVE-2023-54198: tty: fix out-of-bounds access in tty_driver_lookup_tty() (bsc#1255970).
    - CVE-2023-54202: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (bsc#1255880).
    - CVE-2023-54207: HID: uclogic: Correct devm device reference for hidinput input_dev name (bsc#1255961).
    - CVE-2023-54218: sock: Make sock->sk_stamp thread-safe (bsc#1256229).
    - CVE-2023-54230: amba: bus: fix refcount leak (bsc#1255925).
    - CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
    - CVE-2023-54265: ipv6: Fix an uninit variable access bug in __ip6_make_skb() (bsc#1255874).
    - CVE-2023-54274: RDMA/srpt: Add a check for valid 'mad_agent' pointer (bsc#1255905).
    - CVE-2023-54282: media: tuners: qt1010: replace BUG_ON with a regular error (bsc#1255810).
    - CVE-2023-54287: tty: serial: imx: disable Ageing Timer interrupt request irq (bsc#1255804).
    - CVE-2023-54311: ext4: fix deadlock when converting an inline directory in nojournal mode (bsc#1255773).
    - CVE-2023-54321: driver core: fix potential null-ptr-deref in device_add() (bsc#1255762).
    - CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2025-40115: scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (bsc#1253318).
    - CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
    - CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
    - CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
    - CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
    - CVE-2025-40323: fbcon: Set fb_display[i]->mode to NULL when the mode is released (bsc#1255094).
    - CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
    - CVE-2025-40345: usb: storage: sddr55: Reject out-of-bound new_pba (bsc#1255279).
    - CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
    - CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
    - CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()     (bsc#1255131).
    - CVE-2025-68192: net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (bsc#1255246).
    - CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
    - CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
    - CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
    - CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
    - CVE-2025-68286: drm/amd/display: Check NULL before accessing (bsc#1255351).
    - CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
    - CVE-2025-68303: platform/x86: intel: punit_ipc: fix memory corruption (bsc#1255122).
    - CVE-2025-68305: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (bsc#1255169).
    - CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
    - CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted     (bsc#1255482).
    - CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid     (bsc#1255544).
    - CVE-2025-68354: regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex     (bsc#1255553).
    - CVE-2025-68362: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (bsc#1255611).
    - CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
    - CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
    - CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
    - CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
    - CVE-2025-68740: ima: Handle error code returned by ima_filter_rule_match() (bsc#1255812).
    - CVE-2025-68757: drm/vgem-fence: Fix potential deadlock on release (bsc#1255943).
    - CVE-2025-68767: hfsplus: Verify inode mode when loading from disk (bsc#1256580).
    - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
    - CVE-2025-68774: hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create (bsc#1256585).
    - CVE-2025-68783: ALSA: usb-mixer: us16x08: validate meter packet indices (bsc#1256650).
    - CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
    - CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
    - CVE-2025-68797: char: applicom: fix NULL pointer dereference in ac_ioctl (bsc#1256660).
    - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
    - CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
    - CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
    - CVE-2025-71082: Bluetooth: btusb: revert use of devm_kzalloc in btusb (bsc#1256611).
    - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
    - CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
    - CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed()     (bsc#1256773).
    - CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
    - CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
    - CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
    - CVE-2025-71108: usb: typec: ucsi: Handle incorrect num_connectors capability (bsc#1256774).
    - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
    - CVE-2025-71119: powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1205462).
    - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf     (bsc#1256779).
    - CVE-2026-22976: net_sched: qfq: Fix double list add in class with netem as child qdisc (bsc#1257035).
    - CVE-2026-22978: wifi: avoid kernel-infoleak from struct iw_point (bsc#1257227).
    - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
    - CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code (bsc#1257232).
    - CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).

    The following non security issues were fixed:

    - RDMA/rxe: Fix the error caused by qp->sk (bsc#1256122).
    - RDMA/srpt: Fix disabling device management (bsc#1255905).
    - RDMA/srpt: Fix handling of SR-IOV and iWARP ports (bsc#1255905).
    - configfs: factor dirent removal into helpers (bsc#1256184).
    - drm/amdgpu: Remove explicit wait after VM validate (bsc#1255428).
    - drm/amdgpu: update mappings not managed by KFD (bsc#1255428).
    - hwrng: amd - Convert PCIBIOS_* return codes to errnos (bsc#1256386).
    - nvmet-tcp: Fix NULL dereference when a connect data comes in h2cdata pdu (bsc#1255844).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4436 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4436-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     January 14, 2026                              https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux-6.1     Version        : 6.1.159-1~deb11u1     CVE ID         : CVE-2024-47666 CVE-2025-37899 CVE-2025-38057 CVE-2025-38556                      CVE-2025-38593 CVE-2025-38678 CVE-2025-39805 CVE-2025-40083                      CVE-2025-40211 CVE-2025-40214 CVE-2025-40248 CVE-2025-40252                      CVE-2025-40253 CVE-2025-40254 CVE-2025-40257 CVE-2025-40258                      CVE-2025-40259 CVE-2025-40261 CVE-2025-40262 CVE-2025-40263                      CVE-2025-40264 CVE-2025-40269 CVE-2025-40271 CVE-2025-40272                      CVE-2025-40273 CVE-2025-40275 CVE-2025-40277 CVE-2025-40278                      CVE-2025-40279 CVE-2025-40280 CVE-2025-40281 CVE-2025-40282                      CVE-2025-40283 CVE-2025-40284 CVE-2025-40285 CVE-2025-40286                      CVE-2025-40288 CVE-2025-40292 CVE-2025-40293 CVE-2025-40294                      CVE-2025-40297 CVE-2025-40301 CVE-2025-40304 CVE-2025-40306                      CVE-2025-40308 CVE-2025-40309 CVE-2025-40312 CVE-2025-40313                      CVE-2025-40314 CVE-2025-40315 CVE-2025-40317 CVE-2025-40318                      CVE-2025-40319 CVE-2025-40321 CVE-2025-40322 CVE-2025-40323                      CVE-2025-40324 CVE-2025-40331 CVE-2025-40341 CVE-2025-40342                      CVE-2025-40343 CVE-2025-40345 CVE-2025-40360 CVE-2025-40363                      CVE-2025-68168 CVE-2025-68171 CVE-2025-68173 CVE-2025-68176                      CVE-2025-68177 CVE-2025-68185 CVE-2025-68191 CVE-2025-68192                      CVE-2025-68194 CVE-2025-68200 CVE-2025-68204 CVE-2025-68214                      CVE-2025-68217 CVE-2025-68218 CVE-2025-68220 CVE-2025-68227                      CVE-2025-68229 CVE-2025-68231 CVE-2025-68233 CVE-2025-68237                      CVE-2025-68238 CVE-2025-68241 CVE-2025-68244 CVE-2025-68245                      CVE-2025-68246 CVE-2025-68282 CVE-2025-68283 CVE-2025-68284                      CVE-2025-68285 CVE-2025-68286 CVE-2025-68287 CVE-2025-68288                      CVE-2025-68289 CVE-2025-68290 CVE-2025-68295 CVE-2025-68301                      CVE-2025-68302 CVE-2025-68303 CVE-2025-68307 CVE-2025-68308                      CVE-2025-68310 CVE-2025-68312 CVE-2025-68321 CVE-2025-68327                      CVE-2025-68328 CVE-2025-68330 CVE-2025-68331 CVE-2025-68339                      CVE-2025-68343 CVE-2025-68734     Debian Bug     : 919350 1106411 1114557 1119232 1120602 1120680

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For Debian 11 bullseye, these problems have been fixed in version     6.1.159-1~deb11u1.  This update also fixes several bugs reported to     Debian.  It additionally includes many more bug fixes from stable     update 6.1.159.

    We recommend that you upgrade your linux-6.1 packages.

    For the detailed security status of linux-6.1 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux-6.1

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4404 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4404-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     December 12, 2025                             https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux     Version        : 5.10.247-1     CVE ID         : CVE-2023-53498 CVE-2024-47666 CVE-2024-50143 CVE-2024-57947                      CVE-2025-21861 CVE-2025-21887 CVE-2025-22058 CVE-2025-23143                      CVE-2025-38678 CVE-2025-39866 CVE-2025-39869 CVE-2025-39876                      CVE-2025-39883 CVE-2025-39885 CVE-2025-39907 CVE-2025-39911                      CVE-2025-39913 CVE-2025-39923 CVE-2025-39937 CVE-2025-39945                      CVE-2025-39949 CVE-2025-39951 CVE-2025-39953 CVE-2025-39955                      CVE-2025-39964 CVE-2025-39967 CVE-2025-39968 CVE-2025-39969                      CVE-2025-39970 CVE-2025-39971 CVE-2025-39972 CVE-2025-39973                      CVE-2025-39980 CVE-2025-39985 CVE-2025-39986 CVE-2025-39987                      CVE-2025-39993 CVE-2025-39994 CVE-2025-39995 CVE-2025-39996                      CVE-2025-39998 CVE-2025-40001 CVE-2025-40006 CVE-2025-40011                      CVE-2025-40018 CVE-2025-40019 CVE-2025-40020 CVE-2025-40021                      CVE-2025-40022 CVE-2025-40026 CVE-2025-40027 CVE-2025-40029                      CVE-2025-40030 CVE-2025-40035 CVE-2025-40042 CVE-2025-40044                      CVE-2025-40048 CVE-2025-40049 CVE-2025-40053 CVE-2025-40055                      CVE-2025-40070 CVE-2025-40078 CVE-2025-40081 CVE-2025-40083                      CVE-2025-40087 CVE-2025-40088 CVE-2025-40105 CVE-2025-40106                      CVE-2025-40109 CVE-2025-40111 CVE-2025-40115 CVE-2025-40116                      CVE-2025-40118 CVE-2025-40121 CVE-2025-40125 CVE-2025-40127                      CVE-2025-40134 CVE-2025-40140 CVE-2025-40153 CVE-2025-40154                      CVE-2025-40167 CVE-2025-40173 CVE-2025-40178 CVE-2025-40183                      CVE-2025-40186 CVE-2025-40187 CVE-2025-40188 CVE-2025-40190                      CVE-2025-40194 CVE-2025-40197 CVE-2025-40198 CVE-2025-40200                      CVE-2025-40204 CVE-2025-40205 CVE-2025-40211 CVE-2025-40219                      CVE-2025-40220 CVE-2025-40223 CVE-2025-40231 CVE-2025-40233                      CVE-2025-40240 CVE-2025-40243 CVE-2025-40244 CVE-2025-40248                      CVE-2025-40254 CVE-2025-40257 CVE-2025-40258 CVE-2025-40259                      CVE-2025-40261 CVE-2025-40262 CVE-2025-40263 CVE-2025-40264                      CVE-2025-40269 CVE-2025-40271 CVE-2025-40273 CVE-2025-40275                      CVE-2025-40277 CVE-2025-40278 CVE-2025-40280 CVE-2025-40281                      CVE-2025-40282 CVE-2025-40283 CVE-2025-40304 CVE-2025-40306                      CVE-2025-40308 CVE-2025-40309 CVE-2025-40312 CVE-2025-40315                      CVE-2025-40317 CVE-2025-40319 CVE-2025-40321 CVE-2025-40322                      CVE-2025-40324 CVE-2025-40331 CVE-2025-40342     Debian Bug     : 1107479 1114557

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For Debian 11 bullseye, these problems have been fixed in version     5.10.247-1.  This version additionally includes many more bug fixes     from stable updates 5.10.245-5.10.247.  The broken pktcdvd driver has     also been disabled.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the linux package has been released.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits     for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after     cancel_work_sync() had been called. Move the call to cancel_work_sync() to be after     nvme_fc_delete_association() to ensure ->ioerr_work is not running when the nvme_fc_ctrl object is freed.
    Otherwise the following can occur: [ 1135.911754] list_del corruption, ff2d24c8093f31f8->next is NULL [     1135.917705] ------------[ cut here ]------------ [ 1135.922336] kernel BUG at lib/list_debug.c:52! [     1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm:
    kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary) [ 1135.943490] Hardware name: Dell     Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025 [ 1135.950969] Workqueue: 0x0 (nvme-wq) [ 1135.954673]     RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f [ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45     fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff <0f> 0b     48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b [ 1135.979788] RSP: 0018:ff579b19482d3e50     EFLAGS: 00010046 [ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000 [     1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0 [ 1135.999278] RBP:
    ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08 [ 1136.006413] R10: ffffffff95122ac8 R11:
    0000000000000003 R12: ff2d24c78697c100 [ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15:
    ff2d24c78697c0c0 [ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000)     knlGS:0000000000000000 [ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1136.034510] CR2:
    00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0 [ 1136.041641] DR0: 0000000000000000 DR1:
    0000000000000000 DR2: 0000000000000000 [ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7:
    0000000000000400 [ 1136.055910] PKRU: 55555554 [ 1136.058623] Call Trace: [ 1136.061074] <TASK> [     1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0 [     1136.071898] ? move_linked_works+0x4a/0xa0 [ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f     [ 1136.081744] ? __die_body.cold+0x8/0x12 [ 1136.085584] ? die+0x2e/0x50 [ 1136.088469] ?     do_trap+0xca/0x110 [ 1136.091789] ? do_error_trap+0x65/0x80 [ 1136.095543] ?
    __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.101289] ? exc_invalid_op+0x50/0x70 [ 1136.105127] ?
    __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20 [     1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.120806] move_linked_works+0x4a/0xa0 [     1136.124733] worker_thread+0x216/0x3a0 [ 1136.128485] ? __pfx_worker_thread+0x10/0x10 [ 1136.132758]     kthread+0xfa/0x240 [ 1136.135904] ? __pfx_kthread+0x10/0x10 [ 1136.139657] ret_from_fork+0x31/0x50 [     1136.143236] ? __pfx_kthread+0x10/0x10 [ 1136.146988] ret_from_fork_asm+0x1a/0x30 [ 1136.150915] </TASK>     (CVE-2025-40261)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
302766	Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8094-1)	Nessus	Ubuntu Local Security Checks	high
302765	Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8096-1)	Nessus	Ubuntu Local Security Checks	high
302764	Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8095-1)	Nessus	Ubuntu Local Security Checks	high
302763	Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8100-1)	Nessus	Ubuntu Local Security Checks	high
301628	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1280)	Nessus	Huawei Local Security Checks	high
301595	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)	Nessus	Huawei Local Security Checks	high
300556	openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20287-1)	Nessus	SuSE Local Security Checks	high
299777	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50112)	Nessus	Oracle Linux Local Security Checks	high
299715	SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0587-1)	Nessus	SuSE Local Security Checks	high
299303	Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50113)	Nessus	Oracle Linux Local Security Checks	high
298924	SUSE SLES12 : Recommended update for initial livepatch (SUSE-SU-2026:0473-1)	Nessus	SuSE Local Security Checks	high
298917	SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0472-1)	Nessus	SuSE Local Security Checks	high
298739	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2026:0447-1)	Nessus	SuSE Local Security Checks	high
284514	Debian dla-4436 : linux-config-6.1 - security update	Nessus	Debian Local Security Checks	high
278559	Debian dla-4404 : ata-modules-5.10.0-35-armmp-di - security update	Nessus	Debian Local Security Checks	high
278313	Photon OS 4.0: Linux PHSA-2025-4.0-0924	Nessus	PhotonOS Local Security Checks	high
278075	Photon OS 5.0: Linux PHSA-2025-5.0-0708	Nessus	PhotonOS Local Security Checks	high
277521	Linux Distros Unpatched Vulnerability : CVE-2025-40261	Nessus	Misc.	medium

Detections

Analytics

CVE-2025-40261

medium

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

medium