Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013359 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010955 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013132 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip sync GC for new elements in this transaction New elements in this...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011041 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not ...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011402 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013101)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013101 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not ...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011399)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011399 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013108 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013371 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006805)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006805 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the...

SUSE CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

CVE-2026-35094 Libinput: libinput: information disclosure via dangling pointer in lua plugin handling

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

CVE-2026-35094 Libinput: libinput: information disclosure via dangling pointer in lua plugin handling

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

PT-2026-29525

Name of the Vulnerable Software and Affected Versions libinput affected versions not specified Description A flaw exists in libinput where an attacker who can deploy a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collectio...

netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

...

SUSE CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

SUSE CVE-2026-23394

In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. Igor Ushakov reported that GC purged the receive queue of an alive socket due to a race with MSGPEEK with a nice repro. This is the exact same issue previously fixed by commit cbcf01128d0...

CVE-2026-23394

A flaw was found in the Linux kernel's afunix component. A race condition exists between the MSGPEEK operation and the garbage collection process. This can allow a local user to cause the garbage collector to incorrectly purge the receive queue of an alive socket, potentially leading to a denial ...

CVE-2026-23351

A flaw was found in the Linux kernel's netfilter component, specifically within the nftsetpipapo module. A local attacker could exploit a use-after-free vulnerability when a large number of expired elements are present. This can cause the garbage collection GC process to run for an extended perio...