This site uses cookies for analytics and to improve your experience. By clicking Accept, you consent to our use of cookies. Learn more in our privacy policy.

Home
About
System Admin
Tech
Home Lab
Rambles
Deals
Lifestyle
Threats
Weekly Digest
Advisories
Security
Phishing Updates
Threat Intelligence
Image Scraper
Contact

Security Advisory – 24 Feb 2026

Daily security advisory summary for 24 Feb 2026

Security fixes and advisories that landed overnight. Updated 24 Feb 2026 18:57 GMT.

Top items

Ubuntu

USN-8052-2: Linux kernel (Xilinx) vulnerabilities

The update describes multiple Linux kernel flaws including improper CPU cache initialisation that could let a local attacker with hypervisor access overwrite SEV-SNP guest memory and leak privileged data. A wide range of subsystems and architectures are listed as affected and numerous CVE identifiers are included in the notice.

  • Published: 24 Feb 2026 18:57 GMT
  • CVEs: CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, plus many CVE-2025-… identifiers
  • Notes: Affected subsystems include multiple architectures, drivers and file systems

Ubuntu

USN-8028-8: Linux kernel (IBM) vulnerabilities

The notice reports improper CPU cache initialisation allowing a local attacker with hypervisor access to overwrite SEV-SNP guest memory and describes AMD store-to-load data inference that may leak privileged information. The advisory lists many kernel subsystems and a long series of CVE identifiers covering 2024 and 2025 issues.

  • Published: 24 Feb 2026 18:36 GMT
  • CVEs: CVE-2024-36331, CVE-2024-36350, CVE-2024-36357, plus many CVE-2025-… identifiers
  • Notes: Multiple architectures and drivers enumerated as affected

Ubuntu

USN-8060-3: Linux kernel (GCP FIPS) vulnerabilities

The advisory states several security issues in the Linux kernel affecting subsystems including GPU drivers and the MMC subsystem. Two CVEs are listed in the notice spanning older and recent identifiers.

  • Published: 24 Feb 2026 17:11 GMT
  • CVEs: CVE-2022-49267, CVE-2025-21780
  • Notes: Targets GPU and MMC subsystems

Ubuntu

USN-8060-2: Linux kernel (Real-time) vulnerabilities

The bulletin lists multiple kernel security issues that may allow an attacker to compromise the system and names GPU drivers and the MMC subsystem among affected areas. Two CVEs are referenced including a 2022 identifier and a 2025 identifier.

  • Published: 24 Feb 2026 17:04 GMT
  • CVEs: CVE-2022-49267, CVE-2025-21780
  • Notes: Real-time kernel package affected (GPU and MMC)

Ubuntu

USN-8059-2: Linux kernel (Raspberry Pi Real-time) vulnerabilities

The notice reports several Linux kernel security issues with the SMB network file system called out among affected subsystems. Two CVE identifiers are provided for the update.

  • Published: 24 Feb 2026 16:53 GMT
  • CVEs: CVE-2025-22037, CVE-2025-37899
  • Notes: SMB network file system listed as affected

Ubuntu

USN-8061-1: Linux kernel vulnerabilities

The advisory describes multiple kernel security issues and specifies the NFS server daemon and the SCTP protocol as affected subsystems. Two CVEs from 2024 are cited.

  • Published: 24 Feb 2026 16:43 GMT
  • CVEs: CVE-2024-50299, CVE-2024-53217
  • Notes: NFS server and SCTP protocol mentioned

Ubuntu

USN-8060-1: Linux kernel vulnerabilities

The update notes several kernel security issues affecting GPU drivers and the MMC subsystem and lists two CVEs including a 2022 identifier. The bulletin is one of a series addressing kernel components across builds.

  • Published: 24 Feb 2026 16:31 GMT
  • CVEs: CVE-2022-49267, CVE-2025-21780
  • Notes: Part of a grouped set of kernel updates for different builds

Ubuntu

USN-8059-1: Linux kernel vulnerabilities

The notice lists multiple Linux kernel issues with the SMB network file system specifically mentioned and two CVE identifiers included. The advisory mirrors other Raspberry Pi real-time kernel notices in scope.

  • Published: 24 Feb 2026 16:06 GMT
  • CVEs: CVE-2025-22037, CVE-2025-37899
  • Notes: Raspberry Pi real-time kernel context

Ubuntu

USN-8029-3: Linux kernel (Azure) vulnerabilities

The advisory details numerous kernel security issues affecting many architectures, drivers and subsystems including KVM and networking components and lists a long series of 2025 CVE identifiers. The notice covers Azure-targeted kernel builds and a wide range of components.

  • Published: 24 Feb 2026 11:20 GMT
  • CVEs: CVE-2025-40001, CVE-2025-40002, CVE-2025-40003, plus many CVE-2025-… identifiers
  • Notes: Azure kernel build with extensive component list

NIST

CVE-2024-58041

Smolder versions through 1.51 for Perl use the non-cryptographic rand() function as the default entropy source for cryptographic functions. The entry names Smolder::DB::Developer and Data::Random as using rand() which the library itself notes is mainly for test programs.

  • Published: 24 Feb 2026 00:16 GMT
  • CVEs: CVE-2024-58041
  • Notes: Insecure use of rand() for cryptographic purposes
0
0
0
0
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0