Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011294 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011198)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011198 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy ar...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007042)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007042 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012961)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012961 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013062 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stal...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013330)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013330 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allow user copy to flash block cache objects With hardened usercopy enabled...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013313 advisory. In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011301 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusextcacheextent The syzbot reported issue in...

PT-2026-34222

Name of the Vulnerable Software and Affected Versions OpenFGA versions prior to 1.14.1 Description In specific scenarios, models using conditions with caching enabled can result in two different check requests producing the same cache key. This may lead to the reuse of an earlier cached result fo...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010820)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010820 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013169 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013094 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

PT-2026-34186

The Data Sharing Framework DSF implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, The OIDC JWKS and Metadata Document caches used an inverted time comparison isBefore instead of isAfter, causing the cache to never return cached values. Every...

SUSE CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

EUVD-2026-23944

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

CVE-2026-6550

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview aws-encryption-sdk is an AWS Encryption SDK implementation for Python Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' via the shared key cache. An attacker can bypass key commitment policy enforcement by...

CVE-2026-6550

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

CVE-2026-6550

The vulnerability CVE-2026-6550 affects the AWS Encryption SDK for Python in its caching layer. A cryptographic downgrade in the key cache could allow an authenticated local actor to bypass key commitment policy enforcement, enabling ciphertext to be decrypted into multiple possible plaintexts. A...

CVE-2026-6550 Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...