ALAS2KERNEL-5.15-2026-107


Amazon Linux 2 Security Advisory: ALAS2KERNEL-5.15-2026-107
Advisory Released Date: 2026-06-22
Advisory Updated Date: 2026-07-06
Severity: Important
References: CVE-2022-50552  CVE-2025-38192  CVE-2025-68239  CVE-2026-23157  CVE-2026-23204  CVE-2026-23272  CVE-2026-23399  CVE-2026-23442  CVE-2026-31407  CVE-2026-31489  CVE-2026-31532  CVE-2026-31577  CVE-2026-31580  CVE-2026-31586  CVE-2026-31588  CVE-2026-31590  CVE-2026-31599  CVE-2026-31607  CVE-2026-31624  CVE-2026-31664  CVE-2026-31673  CVE-2026-31681  CVE-2026-31684  CVE-2026-31685  CVE-2026-31692  CVE-2026-31694  CVE-2026-31716  CVE-2026-43079  CVE-2026-43085  CVE-2026-43089  CVE-2026-43093  CVE-2026-43099  CVE-2026-43112  CVE-2026-43114  CVE-2026-43117  CVE-2026-43281  CVE-2026-43328  CVE-2026-43493  CVE-2026-43496  CVE-2026-43502  CVE-2026-45838  CVE-2026-45839  CVE-2026-45840  CVE-2026-45841  CVE-2026-45987  CVE-2026-46015  CVE-2026-46023  CVE-2026-46024  CVE-2026-46033  CVE-2026-46037  CVE-2026-46040  CVE-2026-46046  CVE-2026-46050  CVE-2026-46051  CVE-2026-46053  CVE-2026-46062  CVE-2026-46070  CVE-2026-46072  CVE-2026-46082  CVE-2026-46099  CVE-2026-46101  CVE-2026-46102  CVE-2026-46107  CVE-2026-46113  CVE-2026-46119  CVE-2026-46120  CVE-2026-46124  CVE-2026-46132  CVE-2026-46149  CVE-2026-46150  CVE-2026-46161  CVE-2026-46168  CVE-2026-46172  CVE-2026-46209  CVE-2026-46214  CVE-2026-46227  CVE-2026-46234  CVE-2026-46274  CVE-2026-46294  CVE-2026-52912  CVE-2026-52915  CVE-2026-52920  CVE-2026-52921  CVE-2026-52925  CVE-2026-52954  CVE-2026-52955  CVE-2026-52957  CVE-2026-52958  CVE-2026-52962  CVE-2026-52969  CVE-2026-52970  CVE-2026-52972  CVE-2026-52984  CVE-2026-52985  CVE-2026-52986  CVE-2026-52995  CVE-2026-52998  CVE-2026-52999  CVE-2026-53001  CVE-2026-53002  CVE-2026-53004  CVE-2026-53006  CVE-2026-53012  CVE-2026-53021  CVE-2026-53023  CVE-2026-53037  CVE-2026-53050  CVE-2026-53059  CVE-2026-53060  CVE-2026-53061  CVE-2026-53062  CVE-2026-53064  CVE-2026-53069  CVE-2026-53074  CVE-2026-53077  CVE-2026-53096  CVE-2026-53128  CVE-2026-53287  CVE-2026-53295  CVE-2026-53304 
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

In the Linux kernel, the following vulnerability has been resolved:

blk-mq: use quiesced elevator switch when reinitializing queues (CVE-2022-50552)

In the Linux kernel, the following vulnerability has been resolved:

net: clear the dst when changing skb protocol (CVE-2025-38192)

In the Linux kernel, the following vulnerability has been resolved:

binfmt_misc: restore write access before closing files opened by open_exec() (CVE-2025-68239)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: do not strictly require dirty metadata threshold for metadata writepages (CVE-2026-23157)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: unconditionally bump set->nelems before insertion (CVE-2026-23272)

In the Linux kernel, the following vulnerability has been resolved:

nf_tables: nft_dynset: fix possible stateful expression memleak in error path (CVE-2026-23399)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407)

In the Linux kernel, the following vulnerability has been resolved:

spi: meson-spicc: Fix double-put in remove path (CVE-2026-31489)

In the Linux kernel, the following vulnerability has been resolved:

can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map (CVE-2026-31577)

In the Linux kernel, the following vulnerability has been resolved:

bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580)

In the Linux kernel, the following vulnerability has been resolved:

mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588)

In the Linux kernel, the following vulnerability has been resolved:

KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590)

In the Linux kernel, the following vulnerability has been resolved:

media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (CVE-2026-31599)

In the Linux kernel, the following vulnerability has been resolved:

usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)

In the Linux kernel, the following vulnerability has been resolved:

HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624)

In the Linux kernel, the following vulnerability has been resolved:

xfrm: clear trailing padding in build_polexpire() (CVE-2026-31664)

In the Linux kernel, the following vulnerability has been resolved:

af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681)

In the Linux kernel, the following vulnerability has been resolved:

net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)

In the Linux kernel, the following vulnerability has been resolved:

rtnetlink: add missing netlink_ns_capable() check for peer netns (CVE-2026-31692)

In the Linux kernel, the following vulnerability has been resolved:

fuse: reject oversized dirents in page cache (CVE-2026-31694)

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716)

In the Linux kernel, the following vulnerability has been resolved:

perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085)

In the Linux kernel, the following vulnerability has been resolved:

xfrm_user: fix info leak in build_mapping() (CVE-2026-43089)

In the Linux kernel, the following vulnerability has been resolved:

xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093)

In the Linux kernel, the following vulnerability has been resolved:

ipv4: icmp: fix null-ptr-deref in icmp_build_probe() (CVE-2026-43099)

In the Linux kernel, the following vulnerability has been resolved:

fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114)

In the Linux kernel, the following vulnerability has been resolved:

btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117)

In the Linux kernel, the following vulnerability has been resolved:

mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() (CVE-2026-43281)

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path (CVE-2026-43328)

In the Linux kernel, the following vulnerability has been resolved:

crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496)

In the Linux kernel, the following vulnerability has been resolved:

net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502)

In the Linux kernel, the following vulnerability has been resolved:

bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838)

In the Linux kernel, the following vulnerability has been resolved:

bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() (CVE-2026-45839)

In the Linux kernel, the following vulnerability has been resolved:

openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841)

In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987)

In the Linux kernel, the following vulnerability has been resolved:

tcp: call sk_data_ready() after listener migration (CVE-2026-46015)

In the Linux kernel, the following vulnerability has been resolved:

dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (CVE-2026-46024)

In the Linux kernel, the following vulnerability has been resolved:

crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033)

In the Linux kernel, the following vulnerability has been resolved:

ipv4: icmp: validate reply type before using icmp_pointers (CVE-2026-46037)

In the Linux kernel, the following vulnerability has been resolved:

inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040)

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046)

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix deadlock with check operation and nowait requests (CVE-2026-46050)

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051)

In the Linux kernel, the following vulnerability has been resolved:

net: rds: fix MR cleanup on copy error (CVE-2026-46053)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: fix integer overflow in run_unpack() volume boundary check (CVE-2026-46062)

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: add buffer boundary checks to run_unpack() (CVE-2026-46072)

In the Linux kernel, the following vulnerability has been resolved:

KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (CVE-2026-46082)

In the Linux kernel, the following vulnerability has been resolved:

net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (CVE-2026-46099)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: reject zero shift in nft_bitwise (CVE-2026-46101)

In the Linux kernel, the following vulnerability has been resolved:

net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102)

In the Linux kernel, the following vulnerability has been resolved:

dm-thin: fix metadata refcount underflow (CVE-2026-46107)

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix slab-out-of-bounds access in auth message processing (CVE-2026-46119)

In the Linux kernel, the following vulnerability has been resolved:

ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120)

In the Linux kernel, the following vulnerability has been resolved:

isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124)

In the Linux kernel, the following vulnerability has been resolved:

net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149)

In the Linux kernel, the following vulnerability has been resolved:

fanotify: fix false positive on permission events (CVE-2026-46150)

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161)

In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix scheduling with atomic in timestamp sockopt (CVE-2026-46168)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172)

In the Linux kernel, the following vulnerability has been resolved:

drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214)

In the Linux kernel, the following vulnerability has been resolved:

sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)

In the Linux kernel, the following vulnerability has been resolved:

vsock: fix buffer size clamping order (CVE-2026-46234)

In the Linux kernel, the following vulnerability has been resolved:

io-wq: check that the predecessor is hashed in io_wq_remove_pending() (CVE-2026-46274)

In the Linux kernel, the following vulnerability has been resolved:

dm: fix a buffer overflow in ioctl processing (CVE-2026-46294)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_queue: hold bridge skb->dev while queued (CVE-2026-52912)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_hbh: reject oversized option lists (CVE-2026-52915)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xt_policy: fix strict mode inbound policy matching (CVE-2026-52920)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: stop hash:* range iteration at end (CVE-2026-52921)

In the Linux kernel, the following vulnerability has been resolved:

vrf: Fix a potential NPD when removing a port from a VRF (CVE-2026-52925)

In the Linux kernel, the following vulnerability has been resolved:

libceph: handle rbtree insertion error in decode_choose_args() (CVE-2026-52954)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential out-of-bounds access in crush_decode() (CVE-2026-52955)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential null-ptr-deref in decode_choose_args() (CVE-2026-52957)

In the Linux kernel, the following vulnerability has been resolved:

libceph: Fix potential out-of-bounds access in osdmap_decode() (CVE-2026-52958)

In the Linux kernel, the following vulnerability has been resolved:

ceph: fix a buffer leak in __ceph_setxattr() (CVE-2026-52962)

In the Linux kernel, the following vulnerability has been resolved:

KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (CVE-2026-52969)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_ct: fix missing expect put in obj eval (CVE-2026-52970)

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Cap AEAD AD length to 0x80000000 (CVE-2026-52972)

In the Linux kernel, the following vulnerability has been resolved:

net/sched: netem: fix queue limit check to include reordered packets

The queue limit check in netem_enqueue() uses q->t_len which only
counts packets in the internal tfifo. Packets placed in sch->q by
the reorder path (__qdisc_enqueue_head) are not counted, allowing
the total queue occupancy to exceed sch->limit under reordering.

Include sch->q.qlen in the limit check. (CVE-2026-52984)

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: zero initialize struct iphdr in dummy sk_buff (CVE-2026-52985)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conntrack_sip: don't use simple_strtoul (CVE-2026-52986)

In the Linux kernel, the following vulnerability has been resolved:

net/rds: zero per-item info buffer before handing it to visitors (CVE-2026-52995)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check (CVE-2026-52998)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_osf: fix out-of-bounds read on option matching (CVE-2026-52999)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xtables: restrict several matches to inet family (CVE-2026-53001)

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: remove sprintf usage (CVE-2026-53002)

In the Linux kernel, the following vulnerability has been resolved:

sctp: fix OOB write to userspace in sctp_getsockopt_peer_auth_chunks (CVE-2026-53004)

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv() (CVE-2026-53006)

In the Linux kernel, the following vulnerability has been resolved:

nexthop: fix IPv6 route referencing IPv4 nexthop (CVE-2026-53012)

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: core: Fix integer overflow in UNMAP bounds check (CVE-2026-53021)

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: terminate the cached volume label after UTF-8 conversion (CVE-2026-53023)

In the Linux kernel, the following vulnerability has been resolved:

HID: usbhid: fix deadlock in hid_post_reset() (CVE-2026-53037)

In the Linux kernel, the following vulnerability has been resolved:

quota: Fix race of dquot_scan_active() with quota deactivation (CVE-2026-53050)

In the Linux kernel, the following vulnerability has been resolved:

dm log: fix out-of-bounds write due to region_count overflow (CVE-2026-53059)

In the Linux kernel, the following vulnerability has been resolved:

dm cache metadata: fix memory leak on metadata abort retry (CVE-2026-53060)

In the Linux kernel, the following vulnerability has been resolved:

dm cache: fix dirty mapping checking in passthrough mode switching (CVE-2026-53061)

In the Linux kernel, the following vulnerability has been resolved:

dm cache policy smq: fix missing locks in invalidating cache blocks (CVE-2026-53062)

In the Linux kernel, the following vulnerability has been resolved:

dm cache: fix null-deref with concurrent writes in passthrough mode (CVE-2026-53064)

In the Linux kernel, the following vulnerability has been resolved:

net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master (CVE-2026-53069)

In the Linux kernel, the following vulnerability has been resolved:

bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb (CVE-2026-53074)

In the Linux kernel, the following vulnerability has been resolved:

net/rds: Restrict use of RDS/IB to the initial network namespace (CVE-2026-53077)

In the Linux kernel, the following vulnerability has been resolved:

bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path (CVE-2026-53096)

In the Linux kernel, the following vulnerability has been resolved:

drbd: Balance RCU calls in drbd_adm_dump_devices() (CVE-2026-53128)

In the Linux kernel, the following vulnerability has been resolved:

audit: fix incorrect inheritable capability in CAPSET records

__audit_log_capset() records the effective capability set into the
inheritable field due to a copy-paste error. Every CAPSET audit
record therefore reports cap_pi (process inheritable) with the value
of cap_effective instead of cap_inheritable.

This silently corrupts audit data used for compliance and forensic
analysis: an attacker who modifies inheritable capabilities to
prepare for a privilege-escalating exec would have the change masked
in the audit trail.

The bug has been present since the original introduction of CAPSET
audit records in 2008. (CVE-2026-53287)

In the Linux kernel, the following vulnerability has been resolved:

mailbox: add sanity check for channel array

Fail gracefully if there is no channel array attached to the mailbox
controller. Otherwise the later dereference will cause an OOPS which
might not be seen because mailbox controllers might instantiate very
early. Remove the comment explaining the obvious while here. (CVE-2026-53295)

In the Linux kernel, the following vulnerability has been resolved:

scsi: sg: Resolve soft lockup issue when opening /dev/sgX (CVE-2026-53304)


Affected Packages:

kernel


Note:

This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update kernel or yum update --advisory ALAS2KERNEL-5.15-2026-107 to update your system.
System reboot is required in order to complete this update.

New Packages:
aarch64:
    kernel-5.15.209-147.245.amzn2.aarch64
    kernel-headers-5.15.209-147.245.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.15.209-147.245.amzn2.aarch64
    perf-5.15.209-147.245.amzn2.aarch64
    perf-debuginfo-5.15.209-147.245.amzn2.aarch64
    python-perf-5.15.209-147.245.amzn2.aarch64
    python-perf-debuginfo-5.15.209-147.245.amzn2.aarch64
    kernel-tools-5.15.209-147.245.amzn2.aarch64
    kernel-tools-devel-5.15.209-147.245.amzn2.aarch64
    kernel-tools-debuginfo-5.15.209-147.245.amzn2.aarch64
    bpftool-5.15.209-147.245.amzn2.aarch64
    bpftool-debuginfo-5.15.209-147.245.amzn2.aarch64
    kernel-devel-5.15.209-147.245.amzn2.aarch64
    kernel-debuginfo-5.15.209-147.245.amzn2.aarch64
    kernel-livepatch-5.15.209-147.245-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.15.209-147.245.amzn2.i686

src:
    kernel-5.15.209-147.245.amzn2.src

x86_64:
    kernel-5.15.209-147.245.amzn2.x86_64
    kernel-headers-5.15.209-147.245.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.15.209-147.245.amzn2.x86_64
    perf-5.15.209-147.245.amzn2.x86_64
    perf-debuginfo-5.15.209-147.245.amzn2.x86_64
    python-perf-5.15.209-147.245.amzn2.x86_64
    python-perf-debuginfo-5.15.209-147.245.amzn2.x86_64
    kernel-tools-5.15.209-147.245.amzn2.x86_64
    kernel-tools-devel-5.15.209-147.245.amzn2.x86_64
    kernel-tools-debuginfo-5.15.209-147.245.amzn2.x86_64
    bpftool-5.15.209-147.245.amzn2.x86_64
    bpftool-debuginfo-5.15.209-147.245.amzn2.x86_64
    kernel-devel-5.15.209-147.245.amzn2.x86_64
    kernel-debuginfo-5.15.209-147.245.amzn2.x86_64
    kernel-livepatch-5.15.209-147.245-1.0-0.amzn2.x86_64

Changelog:

2026-07-06: CVE-2026-52915 was added to this advisory.

2026-07-06: CVE-2026-53012 was added to this advisory.

2026-07-06: CVE-2026-53060 was added to this advisory.

2026-07-06: CVE-2026-53002 was added to this advisory.

2026-07-06: CVE-2026-52962 was added to this advisory.

2026-07-06: CVE-2026-52955 was added to this advisory.

2026-07-06: CVE-2026-52986 was added to this advisory.

2026-07-06: CVE-2026-46274 was added to this advisory.

2026-07-06: CVE-2026-53077 was added to this advisory.

2026-07-06: CVE-2026-53023 was added to this advisory.

2026-07-06: CVE-2026-52954 was added to this advisory.

2026-07-06: CVE-2026-52984 was added to this advisory.

2026-07-06: CVE-2026-53061 was added to this advisory.

2026-07-06: CVE-2026-52921 was added to this advisory.

2026-07-06: CVE-2026-52999 was added to this advisory.

2026-07-06: CVE-2026-53287 was added to this advisory.

2026-07-06: CVE-2026-53096 was added to this advisory.

2026-07-06: CVE-2026-53004 was added to this advisory.

2026-07-06: CVE-2026-52985 was added to this advisory.

2026-07-06: CVE-2026-53021 was added to this advisory.

2026-07-06: CVE-2026-52969 was added to this advisory.

2026-07-06: CVE-2026-53006 was added to this advisory.

2026-07-06: CVE-2026-53069 was added to this advisory.

2026-07-06: CVE-2026-46113 was added to this advisory.

2026-07-06: CVE-2026-53128 was added to this advisory.

2026-07-06: CVE-2026-52958 was added to this advisory.

2026-07-06: CVE-2026-53062 was added to this advisory.

2026-07-06: CVE-2026-53304 was added to this advisory.

2026-07-06: CVE-2026-53001 was added to this advisory.

2026-07-06: CVE-2026-52925 was added to this advisory.

2026-07-06: CVE-2026-53059 was added to this advisory.

2026-07-06: CVE-2026-53074 was added to this advisory.

2026-07-06: CVE-2026-52920 was added to this advisory.

2026-07-06: CVE-2026-52998 was added to this advisory.

2026-07-06: CVE-2026-52912 was added to this advisory.

2026-07-06: CVE-2026-53050 was added to this advisory.

2026-07-06: CVE-2026-52970 was added to this advisory.

2026-07-06: CVE-2026-52972 was added to this advisory.

2026-07-06: CVE-2026-52995 was added to this advisory.

2026-07-06: CVE-2026-53295 was added to this advisory.

2026-07-06: CVE-2026-52957 was added to this advisory.

2026-07-06: CVE-2026-53037 was added to this advisory.

2026-07-06: CVE-2026-53064 was added to this advisory.