Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989182 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989030)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989030 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989219)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989219 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990280)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990280 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the sizecheck label in eaget, the code checks i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990358 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988943)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988943 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989829 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the ind...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990097 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 fs: Don't...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988914 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989470)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989470 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix dereference of stale list iterator after loop body The list iterator variable will be a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989770 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow iattr::iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFS...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989763)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989763 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SBINLINECRYPT flag in defaultoptions In f2fsremount, SBINLINECRYPT flag will b...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989354 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989876 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtreet for...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990177 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2freeinode During the stress testing of the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989799)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989799 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1,...

CVE-2025-64108 Cursor's Sensitive File Modification can Lead to NTFS Path Quirks

Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected fil...

CVE-2025-64108

Cursor is an AI-assisted code editor with a vulnerability in versions 1.7.44 and below. The issue arises from NTFS path quirks that permit a prompt-injection attacker to bypass file protections and overwrite files that normally require human approval. Modifications to protected files can lead to ...

CVE-2025-43446

CVE-2025-43446 affects macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, and macOS Tahoe 26.1 (and related builds). The issue stems from insufficient validation of symbolic links, enabling an app to modify protected parts of the filesystem. The CVE is mitigated by patches in the listed OS versions (Sono...

CVE-2025-43446

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to modify protected parts of the file system...