In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path under unix_state_lock() and drops the path reference after unlocking. Read the inode and device numbers for UNIX_DIAG_VFS while holding unix_state_lock(), then emit the netlink attribute after dropping the lock. This keeps the VFS data stable while the reply is being built.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1882 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    arm64: mm: fix VA-range sanity check (CVE-2023-53989)

    In the Linux kernel, the following vulnerability has been resolved:

    iommu/amd/pgtbl: Fix possible race while increase page table level (CVE-2025-39961)

    In the Linux kernel, the following vulnerability has been resolved:

    net: add proper RCU protection to /proc/net/ptype (CVE-2026-23255)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: unconditionally bump set->nelems before insertion (CVE-2026-23272)

    In the Linux kernel, the following vulnerability has been resolved:

    nf_tables: nft_dynset: fix possible stateful expression memleak in error path (CVE-2026-23399)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

    In the Linux kernel, the following vulnerability has been resolved:

    net: bonding: fix use-after-free in bond_xmit_broadcast() (CVE-2026-31419)

    In the Linux kernel, the following vulnerability has been resolved:

    bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590)

    In the Linux kernel, the following vulnerability has been resolved:

    usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: hold dev ref until after transport_finish NF_HOOK (CVE-2026-31663)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

    In the Linux kernel, the following vulnerability has been resolved:

    rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)

    In the Linux kernel, the following vulnerability has been resolved:

    net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)

    In the Linux kernel, the following vulnerability has been resolved:

    dcache: Limit the minimal number of bucket to two (CVE-2026-43071)

    In the Linux kernel, the following vulnerability has been resolved:

    perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ioam6: fix OOB and missing lock (CVE-2026-43083)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

    In the Linux kernel, the following vulnerability has been resolved:

    ixgbevf: add missing negotiate_features op to Hyper-V ops table (CVE-2026-43094)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496)

    In the Linux kernel, the following vulnerability has been resolved:

    rtmutex: Use waiter::task instead of current in remove_waiter() (CVE-2026-43499)

    In the Linux kernel, the following vulnerability has been resolved:

    net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() (CVE-2026-45839)

    In the Linux kernel, the following vulnerability has been resolved:

    openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841)

    In the Linux kernel, the following vulnerability has been resolved:

    slip: reject VJ receive packets on instances with no rstate array (CVE-2026-45842)

    In the Linux kernel, the following vulnerability has been resolved:

    slip: bound decode() reads against the compressed packet length (CVE-2026-45843)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails (CVE-2026-45997)

    In the Linux kernel, the following vulnerability has been resolved:

    tcp: call sk_data_ready() after listener migration (CVE-2026-46015)

    In the Linux kernel, the following vulnerability has been resolved:

    dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023)

    In the Linux kernel, the following vulnerability has been resolved:

    libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (CVE-2026-46024)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: icmp: validate reply type before using icmp_pointers (CVE-2026-46037)

    In the Linux kernel, the following vulnerability has been resolved:

    inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: fix deadlock with check operation and nowait requests (CVE-2026-46050)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051)

    In the Linux kernel, the following vulnerability has been resolved:

    net: rds: fix MR cleanup on copy error (CVE-2026-46053)

    In the Linux kernel, the following vulnerability has been resolved:

    ntfs3: fix integer overflow in run_unpack() volume boundary check (CVE-2026-46062)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070)

    In the Linux kernel, the following vulnerability has been resolved:

    ntfs3: add buffer boundary checks to run_unpack() (CVE-2026-46072)

    In the Linux kernel, the following vulnerability has been resolved:

    erofs: fix the out-of-bounds nameoff handling for trailing dirents (CVE-2026-46078)

    In the Linux kernel, the following vulnerability has been resolved:

    rbd: fix null-ptr-deref when device_add_disk() fails (CVE-2026-46079)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (CVE-2026-46082)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (CVE-2026-46099)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: reject zero shift in nft_bitwise (CVE-2026-46101)

    In the Linux kernel, the following vulnerability has been resolved:

    net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102)

    In the Linux kernel, the following vulnerability has been resolved:

    dm-thin: fix metadata refcount underflow (CVE-2026-46107)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)

    In the Linux kernel, the following vulnerability has been resolved:

    libceph: Fix slab-out-of-bounds access in auth message processing (CVE-2026-46119)

    In the Linux kernel, the following vulnerability has been resolved:

    ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120)

    In the Linux kernel, the following vulnerability has been resolved:

    isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix double free in create_space_info() error path (CVE-2026-46129)

    In the Linux kernel, the following vulnerability has been resolved:

    net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149)

    In the Linux kernel, the following vulnerability has been resolved:

    fanotify: fix false positive on permission events (CVE-2026-46150)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161)

    In the Linux kernel, the following vulnerability has been resolved:

    openvswitch: vport: fix self-deadlock on release of tunnel ports (CVE-2026-46165)

    In the Linux kernel, the following vulnerability has been resolved:

    mptcp: fix scheduling with atomic in timestamp sockopt (CVE-2026-46168)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172)

    In the Linux kernel, the following vulnerability has been resolved:

    exit: prevent preemption of oopsing TASK_DEAD task (CVE-2026-46173)

    In the Linux kernel, the following vulnerability has been resolved:

    smb/client: fix out-of-bounds read in symlink_data() (CVE-2026-46185)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214)

    In the Linux kernel, the following vulnerability has been resolved:

    sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock: fix buffer size clamping order (CVE-2026-46234)

    In the Linux kernel, the following vulnerability has been resolved:

    eventpoll: fix ep_remove struct eventpoll / struct file UAF (CVE-2026-46242)

    In the Linux kernel, the following vulnerability has been resolved:

    io-wq: check that the predecessor is hashed in io_wq_remove_pending() (CVE-2026-46274)

    In the Linux kernel, the following vulnerability has been resolved:

    dm: fix a buffer overflow in ioctl processing (CVE-2026-46294)

    In the Linux kernel, the following vulnerability has been resolved:

    flow_dissector: do not dissect PPPoE PFC frames (CVE-2026-46306)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote host is prior to 5.15.209-147.245. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-107 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    blk-mq: use quiesced elevator switch when reinitializing queues (CVE-2022-50552)

    In the Linux kernel, the following vulnerability has been resolved:

    net: clear the dst when changing skb protocol (CVE-2025-38192)

    In the Linux kernel, the following vulnerability has been resolved:

    binfmt_misc: restore write access before closing files opened by open_exec() (CVE-2025-68239)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: do not strictly require dirty metadata threshold for metadata writepages (CVE-2026-23157)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: unconditionally bump set->nelems before insertion (CVE-2026-23272)

    In the Linux kernel, the following vulnerability has been resolved:

    nf_tables: nft_dynset: fix possible stateful expression memleak in error path (CVE-2026-23399)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

    In the Linux kernel, the following vulnerability has been resolved:

    spi: meson-spicc: Fix double-put in remove path (CVE-2026-31489)

    In the Linux kernel, the following vulnerability has been resolved:

    can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)

    In the Linux kernel, the following vulnerability has been resolved:

    nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map (CVE-2026-31577)

    In the Linux kernel, the following vulnerability has been resolved:

    bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590)

    In the Linux kernel, the following vulnerability has been resolved:

    media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (CVE-2026-31599)

    In the Linux kernel, the following vulnerability has been resolved:

    usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: clear trailing padding in build_polexpire() (CVE-2026-31664)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

    In the Linux kernel, the following vulnerability has been resolved:

    rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)

    In the Linux kernel, the following vulnerability has been resolved:

    fuse: reject oversized dirents in page cache (CVE-2026-31694)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)

    In the Linux kernel, the following vulnerability has been resolved:

    perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: icmp: fix null-ptr-deref in icmp_build_probe() (CVE-2026-43099)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

    In the Linux kernel, the following vulnerability has been resolved:

    mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() (CVE-2026-43281)

    In the Linux kernel, the following vulnerability has been resolved:

    cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path (CVE-2026-43328)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496)

    In the Linux kernel, the following vulnerability has been resolved:

    net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() (CVE-2026-45839)

    In the Linux kernel, the following vulnerability has been resolved:

    openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987)

    In the Linux kernel, the following vulnerability has been resolved:

    tcp: call sk_data_ready() after listener migration (CVE-2026-46015)

    In the Linux kernel, the following vulnerability has been resolved:

    dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023)

    In the Linux kernel, the following vulnerability has been resolved:

    libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (CVE-2026-46024)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: icmp: validate reply type before using icmp_pointers (CVE-2026-46037)

    In the Linux kernel, the following vulnerability has been resolved:

    inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: fix deadlock with check operation and nowait requests (CVE-2026-46050)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051)

    In the Linux kernel, the following vulnerability has been resolved:

    net: rds: fix MR cleanup on copy error (CVE-2026-46053)

    In the Linux kernel, the following vulnerability has been resolved:

    ntfs3: fix integer overflow in run_unpack() volume boundary check (CVE-2026-46062)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070)

    In the Linux kernel, the following vulnerability has been resolved:

    ntfs3: add buffer boundary checks to run_unpack() (CVE-2026-46072)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (CVE-2026-46082)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (CVE-2026-46099)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: reject zero shift in nft_bitwise (CVE-2026-46101)

    In the Linux kernel, the following vulnerability has been resolved:

    net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102)

    In the Linux kernel, the following vulnerability has been resolved:

    dm-thin: fix metadata refcount underflow (CVE-2026-46107)

    In the Linux kernel, the following vulnerability has been resolved:

    libceph: Fix slab-out-of-bounds access in auth message processing (CVE-2026-46119)

    In the Linux kernel, the following vulnerability has been resolved:

    ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120)

    In the Linux kernel, the following vulnerability has been resolved:

    isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124)

    In the Linux kernel, the following vulnerability has been resolved:

    net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149)

    In the Linux kernel, the following vulnerability has been resolved:

    fanotify: fix false positive on permission events (CVE-2026-46150)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161)

    In the Linux kernel, the following vulnerability has been resolved:

    mptcp: fix scheduling with atomic in timestamp sockopt (CVE-2026-46168)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214)

    In the Linux kernel, the following vulnerability has been resolved:

    sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)

    In the Linux kernel, the following vulnerability has been resolved:

    vsock: fix buffer size clamping order (CVE-2026-46234)

    In the Linux kernel, the following vulnerability has been resolved:

    dm: fix a buffer overflow in ioctl processing (CVE-2026-46294)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2450-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2025-10263: arm64: Add workaround for Cortex-A76 erratum 1286807 (bsc#1266290).
    - CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
    - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).
    - CVE-2026-3150: bcache: fix cached_dev.sb_bio use-after-free and crash (bsc#1263169).
    - CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).
    - CVE-2026-23279: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (bsc#1260468).
    - CVE-2026-23303: smb: client: Don't log plaintext credentials in cifs_set_cifscreds (bsc#1260502).
    - CVE-2026-23367: wifi: radiotap: reject radiotap with unknown bits (bsc#1260731).
    - CVE-2026-23396: wifi: mac80211: fix NULL deref in mesh_matches_local() (bsc#1260729).
    - CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307).
    - CVE-2026-23448: net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (bsc#1261750).
    - CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700).
    - CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099).
    - CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061).
    - CVE-2026-31447: ext4: reject mount if bigalloc with s_first_data_block != 0 (bsc#1262614).
    - CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).
    - CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656).
    - CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false       (bsc#1267816).
    - CVE-2026-31498: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (bsc#1262751).
    - CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).
    - CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752).
    - CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755).
    - CVE-2026-31532: can: af_can: export can_sock_destruct() (bsc#1262757).
    - CVE-2026-31540: drm/i915/gt: Check set_default_submission() before deferencing (bsc#1263011).
    - CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).
    - CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).
    - CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152).
    - CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319).
    - CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).
    - CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).
    - CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140).
    - CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).
    - CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143).
    - CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).
    - CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562).
    - CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).
    - CVE-2026-31778: ALSA: caiaq: fix stack out-of-bounds read in init_card (bsc#1263923).
    - CVE-2026-43020: Bluetooth: MGMT: validate LTK enc_size on load (bsc#1264006).
    - CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).
    - CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932).
    - CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).
    - CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995).
    - CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097).
    - CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to     prevent an info-       leak (bsc#1264091).
    - CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945).
    - CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).
    - CVE-2026-43140: HID: magicmouse: Do not crash on missing msc->input (bsc#1264630).
    - CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).
    - CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).
    - CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).
    - CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).
    - CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409).
    - CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716).
    - CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).
    - CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719).
    - CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722).
    - CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020).
    - CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671).
    - CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669).
    - CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).
    - CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).
    - CVE-2026-45835: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (bsc#1266411).
    - CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).
    - CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400).
    - CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395).
    - CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).
    - CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).
    - CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).
    - CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697).
    - CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).
    - CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218).
    - CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).
    - CVE-2026-46090: ALSA: aloop: Fix peer runtime UAF during format-change stop (bsc#1267531).
    - CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (bsc#1266969).
    - CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369).
    - CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).
    - CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726).
    - CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak     (bsc#1267652).
    - CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).
    - CVE-2026-46169: hfsplus: fix uninit-value by validating catalog record size (bsc#1267713).
    - CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826).
    - CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).
    - CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat()     (bsc#1267685).
    - CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).

    The following non security issues were fixed:

    - arm64: tlb: Allow XZR argument to TLBI ops (git-fixes).
    - arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes).
    - bcache: fix uninitialized closure object (git-fixes).
    - check-for-config-changes: Exclude CC_MS_EXTENSIONS.
    - check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.
    - kvm/svm: PKU not currently supported (bsc#1263887).
    - KVM: x86: Handle PKU CPUID adjustment in VMX code (bsc#1263887).
    - mkspec: Add signature to source list only when it exists.
    - net/sched: cls_fw: fix NULL dereference of 'old' filters before change() (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the linux package has been released.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1693 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: Give up GC if MSG_PEEK intervened. (CVE-2026-23394)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ipset: drop logically empty buckets in mtype_del (CVE-2026-31418)

    In the Linux kernel, the following vulnerability has been resolved:

    net: skb: fix cross-cache free of KFENCE-allocated skb head (CVE-2026-31429)

    In the Linux kernel, the following vulnerability has been resolved:

    X.509: Fix out-of-bounds access when parsing extensions (CVE-2026-31430)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop() (CVE-2026-31531)

    In the Linux kernel, the following vulnerability has been resolved:

    can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)

    In the Linux kernel, the following vulnerability has been resolved:

    net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (CVE-2026-31533)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/userfaultfd: fix hugetlb fault mutex hash calculation (CVE-2026-31575)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit (CVE-2026-31579)

    In the Linux kernel, the following vulnerability has been resolved:

    bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish (CVE-2026-31591)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock (CVE-2026-31592)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (CVE-2026-31593)

    In the Linux kernel, the following vulnerability has been resolved:

    arm64: mm: Handle invalid large leaf mappings correctly (CVE-2026-31600)

    In the Linux kernel, the following vulnerability has been resolved:

    usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix off-by-8 bounds check in check_wsl_eas() (CVE-2026-31614)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: alps: fix NULL pointer dereference in alps_raw_event() (CVE-2026-31625)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/CPU: Fix FPDSS on Zen1 (CVE-2026-31628)

    In the Linux kernel, the following vulnerability has been resolved:

    rxrpc: fix reference count leak in rxrpc_server_keyring() (CVE-2026-31634)

    In the Linux kernel, the following vulnerability has been resolved:

    rxrpc: reject undecryptable rxkad response tickets (CVE-2026-31637)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() (CVE-2026-31648)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails (CVE-2026-31653)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (CVE-2026-31656)

    In the Linux kernel, the following vulnerability has been resolved:

    tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (CVE-2026-31662)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: hold dev ref until after transport_finish NF_HOOK (CVE-2026-31663)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: clear trailing padding in build_polexpire() (CVE-2026-31664)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_ct: fix use-after-free in timeout object destroy (CVE-2026-31665)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() (CVE-2026-31666)

    In the Linux kernel, the following vulnerability has been resolved:

    Input: uinput - fix circular locking dependency with ff-core (CVE-2026-31667)

    In the Linux kernel, the following vulnerability has been resolved:

    seg6: separate dst_cache for input and output paths in seg6 lwtunnel (CVE-2026-31668)

    In the Linux kernel, the following vulnerability has been resolved:

    mptcp: fix slab-use-after-free in __inet_lookup_established (CVE-2026-31669)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_report() (CVE-2026-31671)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

    In the Linux kernel, the following vulnerability has been resolved:

    EDAC/mc: Fix error path ordering in edac_mc_alloc() (CVE-2026-31689)

    In the Linux kernel, the following vulnerability has been resolved:

    igb: remove napi_synchronize() in igb_down() (CVE-2026-31691)

    In the Linux kernel, the following vulnerability has been resolved:

    rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)

    In the Linux kernel, the following vulnerability has been resolved:

    fuse: reject oversized dirents in page cache (CVE-2026-31694)

    In the Linux kernel, the following vulnerability has been resolved:

    net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700)

    In the Linux kernel, the following vulnerability has been resolved:

    writeback: Fix use after free in inode_switch_wbs_work_fn() (CVE-2026-31703)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708)

    In the Linux kernel, the following vulnerability has been resolved:

    fuse: abort on fatal signal during sync init (CVE-2026-31713)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: krb5enc - fix async decrypt skipping hash verification (CVE-2026-31719)

    In the Linux kernel, the following vulnerability has been resolved:

    dcache: Limit the minimal number of bucket to two (CVE-2026-43071)

    In the Linux kernel, the following vulnerability has been resolved:

    x86-64: rename misleadingly named '__copy_user_nocache()' function (CVE-2026-43073)

    In the Linux kernel, the following vulnerability has been resolved:

    eventpoll: defer struct eventpoll free to RCU grace period (CVE-2026-43074)

    In the Linux kernel, the following vulnerability has been resolved:

    perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ioam6: fix OOB and missing lock (CVE-2026-43083)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_queue: make hash table per queue (CVE-2026-43084)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

    In the Linux kernel, the following vulnerability has been resolved:

    ipvs: fix NULL deref in ip_vs_add_service error path (CVE-2026-43086)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: fix refcount leak in xfrm_migrate_policy_find (CVE-2026-43090)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: Wait for RCU readers during policy netns exit (CVE-2026-43091)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: validate MTU against usable frame size on bind (CVE-2026-43092)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

    In the Linux kernel, the following vulnerability has been resolved:

    ixgbevf: add missing negotiate_features op to Hyper-V ops table (CVE-2026-43094)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: icmp: fix null-ptr-deref in icmp_build_probe() (CVE-2026-43099)

    In the Linux kernel, the following vulnerability has been resolved:

    bridge: guard local VLAN-0 FDB helpers against NULL vlan group (CVE-2026-43100)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (CVE-2026-43101)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: account XFRMA_IF_ID in aevent size calculation (CVE-2026-43107)

    In the Linux kernel, the following vulnerability has been resolved:

    x86: shadow stacks: proper error handling for mmap lock (CVE-2026-43109)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix zero size inode with non-zero size after log replay (CVE-2026-43118)

    In the Linux kernel, the following vulnerability has been resolved:xfrm: esp: avoid in-place decrypt on     shared skb frags

    Dirty Frag and other issues in Amazon Linux kernels:https://aws.amazon.com/security/security-     bulletins/2026-027-aws/ (CVE-2026-43284)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1695 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: do not free data reservation in fallback from inline due to -ENOSPC (CVE-2025-71269)

    In the Linux kernel, the following vulnerability has been resolved:

    gpiolib: fix race condition for gdev->srcu (CVE-2026-22986)

    In the Linux kernel, the following vulnerability has been resolved:

    net: annotate data-races around sk->sk_{data_ready,write_space} (CVE-2026-23302)

    In the Linux kernel, the following vulnerability has been resolved:

    blktrace: fix __this_cpu_read/write in preemptible context (CVE-2026-23374)

    In the Linux kernel, the following vulnerability has been resolved:

    ice: Fix memory leak in ice_set_ringparam() (CVE-2026-23389)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_conntrack_expect: use expect->helper (CVE-2026-31414)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: avoid overflows in ip6_datagram_send_ctl() (CVE-2026-31415)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_log: account for netlink header size (CVE-2026-31416)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ipset: drop logically empty buckets in mtype_del (CVE-2026-31418)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: cls_fw: fix NULL pointer dereference on shared blocks (CVE-2026-31421)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: cls_flow: fix NULL pointer dereference on shared blocks (CVE-2026-31422)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (CVE-2026-31423)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (CVE-2026-31424)

    In the Linux kernel, the following vulnerability has been resolved:

    net: skb: fix cross-cache free of KFENCE-allocated skb head (CVE-2026-31429)

    In the Linux kernel, the following vulnerability has been resolved:

    X.509: Fix out-of-bounds access when parsing extensions (CVE-2026-31430)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: publish jinode after initialization (CVE-2026-31450)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/huge_memory: fix folio isn't locked in softleaf_to_folio() (CVE-2026-31466)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop() (CVE-2026-31531)

    In the Linux kernel, the following vulnerability has been resolved:

    can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)

    In the Linux kernel, the following vulnerability has been resolved:

    net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (CVE-2026-31533)

    In the Linux kernel, the following vulnerability has been resolved:

    bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (CVE-2026-31593)

    In the Linux kernel, the following vulnerability has been resolved:

    usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

    In the Linux kernel, the following vulnerability has been resolved:

    smb: client: fix off-by-8 bounds check in check_wsl_eas() (CVE-2026-31614)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: alps: fix NULL pointer dereference in alps_raw_event() (CVE-2026-31625)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/CPU: Fix FPDSS on Zen1 (CVE-2026-31628)

    In the Linux kernel, the following vulnerability has been resolved:

    rxrpc: fix reference count leak in rxrpc_server_keyring() (CVE-2026-31634)

    In the Linux kernel, the following vulnerability has been resolved:

    rxrpc: reject undecryptable rxkad response tickets (CVE-2026-31637)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() (CVE-2026-31648)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (CVE-2026-31656)

    In the Linux kernel, the following vulnerability has been resolved:

    tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (CVE-2026-31662)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: clear trailing padding in build_polexpire() (CVE-2026-31664)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_ct: fix use-after-free in timeout object destroy (CVE-2026-31665)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() (CVE-2026-31666)

    In the Linux kernel, the following vulnerability has been resolved:

    Input: uinput - fix circular locking dependency with ff-core (CVE-2026-31667)

    In the Linux kernel, the following vulnerability has been resolved:

    seg6: separate dst_cache for input and output paths in seg6 lwtunnel (CVE-2026-31668)

    In the Linux kernel, the following vulnerability has been resolved:

    mptcp: fix slab-use-after-free in __inet_lookup_established (CVE-2026-31669)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_report() (CVE-2026-31671)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: sch_netem: fix out-of-bounds access in packet corruption (CVE-2026-31675)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: af_alg - limit RX SG extraction by receive buffer budget (CVE-2026-31677)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ipv6: flowlabel: defer exclusive option free until RCU teardown (CVE-2026-31680)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

    In the Linux kernel, the following vulnerability has been resolved:

    bridge: br_nd_send: linearize skb before parsing ND options (CVE-2026-31682)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

    In the Linux kernel, the following vulnerability has been resolved:

    EDAC/mc: Fix error path ordering in edac_mc_alloc() (CVE-2026-31689)

    In the Linux kernel, the following vulnerability has been resolved:

    thermal: core: Address thermal zone removal races with resume (CVE-2026-31731)

    In the Linux kernel, the following vulnerability has been resolved:

    sched_ext: Fix stale direct dispatch state in ddsp_dsq_id (CVE-2026-31733)

    In the Linux kernel, the following vulnerability has been resolved:

    vxlan: validate ND option lengths in vxlan_na_create (CVE-2026-31738)

    In the Linux kernel, the following vulnerability has been resolved:

    bridge: br_nd_send: validate ND option lengths (CVE-2026-31752)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode (CVE-2026-31767)

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs() (CVE-2026-31774)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/ioc32: stop speculation on the drm_compat_ioctl path (CVE-2026-31781)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5: Fix switchdev mode rollback in case of failure (CVE-2026-43012)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5: lag: Check for LAG device before creating debugfs (CVE-2026-43013)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready(). (CVE-2026-43016)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: reject immediate NF_QUEUE verdict (CVE-2026-43024)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ctnetlink: ignore explicit helper on new expectations (CVE-2026-43025)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (CVE-2026-43026)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_conntrack_helper: pass helper to expect cleanup (CVE-2026-43027)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: x_tables: ensure names are nul-terminated (CVE-2026-43028)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: Fix regsafe() for pointers to packet (CVE-2026-43030)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak     (CVE-2026-43035)

    In the Linux kernel, the following vulnerability has been resolved:

    net: use skb_header_pointer() for TCPv4 GSO frag_off check (CVE-2026-43036)

    In the Linux kernel, the following vulnerability has been resolved:

    ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (CVE-2026-43037)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (CVE-2026-43038)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak     (CVE-2026-43040)

    In the Linux kernel, the following vulnerability has been resolved:

    crypto: af-alg - fix NULL pointer dereference in scatterwalk (CVE-2026-43043)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: reject root items with drop_progress and zero drop_level (CVE-2026-43046)

    In the Linux kernel, the following vulnerability has been resolved:

    HID: multitouch: Check to ensure report responses match the request (CVE-2026-43047)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: target: tcm_loop: Drain commands in target_reset handler (CVE-2026-43054)

    In the Linux kernel, the following vulnerability has been resolved:

    net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback (CVE-2026-43057)

    In the Linux kernel, the following vulnerability has been resolved:

    dcache: Limit the minimal number of bucket to two (CVE-2026-43071)

    In the Linux kernel, the following vulnerability has been resolved:

    x86-64: rename misleadingly named '__copy_user_nocache()' function (CVE-2026-43073)

    In the Linux kernel, the following vulnerability has been resolved:

    eventpoll: defer struct eventpoll free to RCU grace period (CVE-2026-43074)

    In the Linux kernel, the following vulnerability has been resolved:

    perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_queue: make hash table per queue (CVE-2026-43084)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

    In the Linux kernel, the following vulnerability has been resolved:

    ipvs: fix NULL deref in ip_vs_add_service error path (CVE-2026-43086)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: fix refcount leak in xfrm_migrate_policy_find (CVE-2026-43090)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: Wait for RCU readers during policy netns exit (CVE-2026-43091)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: validate MTU against usable frame size on bind (CVE-2026-43092)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

    In the Linux kernel, the following vulnerability has been resolved:

    ixgbevf: add missing negotiate_features op to Hyper-V ops table (CVE-2026-43094)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv4: icmp: fix null-ptr-deref in icmp_build_probe() (CVE-2026-43099)

    In the Linux kernel, the following vulnerability has been resolved:

    xfrm: account XFRMA_IF_ID in aevent size calculation (CVE-2026-43107)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

    In the Linux kernel, the following vulnerability has been resolved:xfrm: esp: avoid in-place decrypt on     shared skb frags

    Dirty Frag and other issues in Amazon Linux kernels:https://aws.amazon.com/security/security-     bulletins/2026-027-aws/ (CVE-2026-43284)

    In the Linux kernel, the following vulnerability has been resolved:

    sched/fair: Fix zero_vruntime tracking fix (CVE-2026-43323)

    In the Linux kernel, the following vulnerability has been resolved:

    cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path (CVE-2026-43328)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: flowtable: strictly check for maximum number of actions (CVE-2026-43329)

    In the Linux kernel, the following vulnerability has been resolved:

    thermal: core: Fix thermal zone device registration error path (CVE-2026-43332)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: reject direct access to nullable PTR_TO_BUF pointers (CVE-2026-43333)

    In the Linux kernel, the following vulnerability has been resolved:

    lib/crypto: chacha: Zeroize permuted_state before it leaves scope (CVE-2026-43336)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: reserve enough transaction items for qgroup ioctls (CVE-2026-43338)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: prevent possible UaF in addrconf_permanent_addr() (CVE-2026-43339)

    In the Linux kernel, the following vulnerability has been resolved:

    net/ipv6: ioam6: prevent schema length wraparound in trace fill (CVE-2026-43341)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6238 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6238-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     April 30, 2026                        https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : linux     CVE ID         : CVE-2024-14027 CVE-2025-21709 CVE-2025-22116 CVE-2025-22117                      CVE-2025-38426 CVE-2025-38627 CVE-2025-39764 CVE-2025-40005                      CVE-2025-40135 CVE-2025-40147 CVE-2025-40150 CVE-2025-40219                      CVE-2025-68175 CVE-2025-68239 CVE-2025-68334 CVE-2025-68736                      CVE-2025-71152 CVE-2025-71161 CVE-2025-71221 CVE-2025-71239                      CVE-2025-71265 CVE-2025-71266 CVE-2025-71267 CVE-2025-71269                      CVE-2026-22981 CVE-2026-22985 CVE-2026-22986 CVE-2026-22993                      CVE-2026-23004 CVE-2026-23066 CVE-2026-23070 CVE-2026-23104                      CVE-2026-23138 CVE-2026-23157 CVE-2026-23207 CVE-2026-23210                      CVE-2026-23226 CVE-2026-23227 CVE-2026-23231 CVE-2026-23239                      CVE-2026-23240 CVE-2026-23242 CVE-2026-23243 CVE-2026-23244                      CVE-2026-23245 CVE-2026-23246 CVE-2026-23249 CVE-2026-23250                      CVE-2026-23251 CVE-2026-23252 CVE-2026-23253 CVE-2026-23255                      CVE-2026-23270 CVE-2026-23271 CVE-2026-23273 CVE-2026-23274                      CVE-2026-23276 CVE-2026-23277 CVE-2026-23278 CVE-2026-23279                      CVE-2026-23281 CVE-2026-23284 CVE-2026-23285 CVE-2026-23286                      CVE-2026-23287 CVE-2026-23289 CVE-2026-23290 CVE-2026-23291                      CVE-2026-23292 CVE-2026-23293 CVE-2026-23296 CVE-2026-23297                      CVE-2026-23298 CVE-2026-23300 CVE-2026-23302 CVE-2026-23303                      CVE-2026-23304 CVE-2026-23306 CVE-2026-23307 CVE-2026-23308                      CVE-2026-23310 CVE-2026-23312 CVE-2026-23313 CVE-2026-23315                      CVE-2026-23316 CVE-2026-23317 CVE-2026-23318 CVE-2026-23319                      CVE-2026-23321 CVE-2026-23324 CVE-2026-23325 CVE-2026-23330                      CVE-2026-23334 CVE-2026-23335 CVE-2026-23336 CVE-2026-23339                      CVE-2026-23340 CVE-2026-23343 CVE-2026-23347 CVE-2026-23351                      CVE-2026-23352 CVE-2026-23354 CVE-2026-23356 CVE-2026-23357                      CVE-2026-23359 CVE-2026-23360 CVE-2026-23361 CVE-2026-23362                      CVE-2026-23363 CVE-2026-23364 CVE-2026-23365 CVE-2026-23367                      CVE-2026-23368 CVE-2026-23369 CVE-2026-23370 CVE-2026-23372                      CVE-2026-23373 CVE-2026-23374 CVE-2026-23375 CVE-2026-23378                      CVE-2026-23379 CVE-2026-23380 CVE-2026-23381 CVE-2026-23382                      CVE-2026-23383 CVE-2026-23386 CVE-2026-23387 CVE-2026-23388                      CVE-2026-23389 CVE-2026-23391 CVE-2026-23392 CVE-2026-23393                      CVE-2026-23395 CVE-2026-23396 CVE-2026-23397 CVE-2026-23398                      CVE-2026-23399 CVE-2026-23401 CVE-2026-23412 CVE-2026-23413                      CVE-2026-23414 CVE-2026-23417 CVE-2026-23419 CVE-2026-23420                      CVE-2026-23422 CVE-2026-23426 CVE-2026-23427 CVE-2026-23428                      CVE-2026-23434 CVE-2026-23438 CVE-2026-23439 CVE-2026-23440                      CVE-2026-23441 CVE-2026-23442 CVE-2026-23444 CVE-2026-23445                      CVE-2026-23446 CVE-2026-23447 CVE-2026-23448 CVE-2026-23449                      CVE-2026-23450 CVE-2026-23452 CVE-2026-23454 CVE-2026-23455                      CVE-2026-23456 CVE-2026-23457 CVE-2026-23458 CVE-2026-23460                      CVE-2026-23461 CVE-2026-23462 CVE-2026-23463 CVE-2026-23464                      CVE-2026-23465 CVE-2026-23466 CVE-2026-23470 CVE-2026-23474                      CVE-2026-23475 CVE-2026-31389 CVE-2026-31391 CVE-2026-31392                      CVE-2026-31393 CVE-2026-31394 CVE-2026-31396 CVE-2026-31399                      CVE-2026-31400 CVE-2026-31401 CVE-2026-31402 CVE-2026-31403                      CVE-2026-31405 CVE-2026-31406 CVE-2026-31407 CVE-2026-31408                      CVE-2026-31409 CVE-2026-31410 CVE-2026-31411 CVE-2026-31412                      CVE-2026-31414 CVE-2026-31415 CVE-2026-31416 CVE-2026-31417                      CVE-2026-31418 CVE-2026-31421 CVE-2026-31422 CVE-2026-31423                      CVE-2026-31424 CVE-2026-31425 CVE-2026-31426 CVE-2026-31427                      CVE-2026-31428 CVE-2026-31429 CVE-2026-31430 CVE-2026-31431                      CVE-2026-31432 CVE-2026-31433 CVE-2026-31434 CVE-2026-31436                      CVE-2026-31438 CVE-2026-31439 CVE-2026-31440 CVE-2026-31441                      CVE-2026-31446 CVE-2026-31447 CVE-2026-31448 CVE-2026-31449                      CVE-2026-31450 CVE-2026-31451 CVE-2026-31452 CVE-2026-31453                      CVE-2026-31454 CVE-2026-31455 CVE-2026-31458 CVE-2026-31462                      CVE-2026-31464 CVE-2026-31466 CVE-2026-31467 CVE-2026-31469                      CVE-2026-31470 CVE-2026-31473 CVE-2026-31474 CVE-2026-31476                      CVE-2026-31477 CVE-2026-31478 CVE-2026-31479 CVE-2026-31480                      CVE-2026-31482 CVE-2026-31483 CVE-2026-31485 CVE-2026-31487                      CVE-2026-31488 CVE-2026-31489 CVE-2026-31492 CVE-2026-31494                      CVE-2026-31495 CVE-2026-31496 CVE-2026-31497 CVE-2026-31498                      CVE-2026-31500 CVE-2026-31502 CVE-2026-31503 CVE-2026-31504                      CVE-2026-31505 CVE-2026-31506 CVE-2026-31507 CVE-2026-31508                      CVE-2026-31509 CVE-2026-31510 CVE-2026-31511 CVE-2026-31512                      CVE-2026-31515 CVE-2026-31516 CVE-2026-31518 CVE-2026-31519                      CVE-2026-31520 CVE-2026-31521 CVE-2026-31522 CVE-2026-31523                      CVE-2026-31524 CVE-2026-31525 CVE-2026-31527 CVE-2026-31528                      CVE-2026-31530 CVE-2026-31531 CVE-2026-31532 CVE-2026-31533                      CVE-2026-31540 CVE-2026-31542 CVE-2026-31545 CVE-2026-31546                      CVE-2026-31548 CVE-2026-31549 CVE-2026-31550 CVE-2026-31551                      CVE-2026-31552 CVE-2026-31554 CVE-2026-31555 CVE-2026-31556                      CVE-2026-31557 CVE-2026-31558 CVE-2026-31559 CVE-2026-31561                      CVE-2026-31563 CVE-2026-31565 CVE-2026-31566 CVE-2026-31570                      CVE-2026-31575 CVE-2026-31576 CVE-2026-31577 CVE-2026-31578                      CVE-2026-31580 CVE-2026-31581 CVE-2026-31582 CVE-2026-31583                      CVE-2026-31584 CVE-2026-31585 CVE-2026-31586 CVE-2026-31587                      CVE-2026-31588 CVE-2026-31590 CVE-2026-31593 CVE-2026-31594                      CVE-2026-31595 CVE-2026-31596 CVE-2026-31597 CVE-2026-31598                      CVE-2026-31599 CVE-2026-31602 CVE-2026-31603 CVE-2026-31604                      CVE-2026-31605 CVE-2026-31606 CVE-2026-31607 CVE-2026-31610                      CVE-2026-31611 CVE-2026-31612 CVE-2026-31614 CVE-2026-31615                      CVE-2026-31616 CVE-2026-31617 CVE-2026-31618 CVE-2026-31619                      CVE-2026-31622 CVE-2026-31623 CVE-2026-31624 CVE-2026-31625                      CVE-2026-31626 CVE-2026-31627 CVE-2026-31628 CVE-2026-31629                      CVE-2026-31634 CVE-2026-31637 CVE-2026-31638 CVE-2026-31639                      CVE-2026-31642 CVE-2026-31644 CVE-2026-31645 CVE-2026-31646                      CVE-2026-31647 CVE-2026-31648 CVE-2026-31649 CVE-2026-31651                      CVE-2026-31655 CVE-2026-31656 CVE-2026-31657 CVE-2026-31658                      CVE-2026-31659 CVE-2026-31660 CVE-2026-31661 CVE-2026-31662                      CVE-2026-31664 CVE-2026-31665 CVE-2026-31666 CVE-2026-31667                      CVE-2026-31668 CVE-2026-31669 CVE-2026-31670 CVE-2026-31671                      CVE-2026-31672 CVE-2026-31673 CVE-2026-31674 CVE-2026-31675                      CVE-2026-31676 CVE-2026-31677 CVE-2026-31678 CVE-2026-31679                      CVE-2026-31680 CVE-2026-31681 CVE-2026-31682 CVE-2026-31683                      CVE-2026-31684 CVE-2026-31685 CVE-2026-31686 CVE-2026-31689                      CVE-2026-31693 CVE-2026-31786 CVE-2026-31787 CVE-2026-31788

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For the stable distribution (trixie), these problems have been fixed in     version 6.12.85-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the     socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path under unix_state_lock() and     drops the path reference after unlocking. Read the inode and device numbers for UNIX_DIAG_VFS while     holding unix_state_lock(), then emit the netlink attribute after dropping the lock. This keeps the VFS     data stable while the reply is being built. (CVE-2026-31673)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
322088	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1882)	Nessus	Amazon Linux Local Security Checks	high
322048	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-107 (ALASKERNEL-5.15-2026-107)	Nessus	Amazon Linux Local Security Checks	high
321690	SUSE SLES12 Security Update : kernel (SUSE-SU-2026:2450-1)	Nessus	SuSE Local Security Checks	medium
319599	Photon OS 5.0: Linux PHSA-2026-5.0-0862	Nessus	PhotonOS Local Security Checks	high
318769	Photon OS 4.0: Linux PHSA-2026-4.0-1028	Nessus	PhotonOS Local Security Checks	high
313525	Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1693)	Nessus	Amazon Linux Local Security Checks	high
313517	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1695)	Nessus	Amazon Linux Local Security Checks	high
311299	Debian dsa-6238 : ata-modules-6.12.74+deb13+1-armmp-di - security update	Nessus	Debian Local Security Checks	high
310342	Linux Distros Unpatched Vulnerability : CVE-2026-31673	Nessus	Misc.	high

Detections

Analytics

CVE-2026-31673

high

Tenable Plugins

high

high

medium

high

high

high

high

high

high