Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002867)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002867 advisory. Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003472 advisory. The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows loca...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001956 advisory. The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002227 advisory. The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003011 advisory. sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kern...

CVE-2025-68808

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtvchannelsiinit creates a temporary list program, service, event and ownership of the memory itself is transferred to the PAT/SDT/EIT tables through...

CVE-2025-68701

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses deterministic AES IV derivation from a passphrase. This vulnerability is fixed in 2.2...

CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

UBUNTU-CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

UBUNTU-CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

AZL-74612 CVE-2025-71113 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

UBUNTU-CVE-2025-56226

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

CVE-2025-71143

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the...

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71130

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb-vmai.vma pointers to NULL, simplifying...