Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992235)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992235 advisory. In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a pstore/ram: Do not...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992392 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992529)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992529 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992696 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992369)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992369 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffe...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992335 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992252 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer...

PT-2025-53966

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the dio init function within the Direct I/O DIO driver of the Linux kernel. Specifically, if the device register function returns an error, the allocated...

Malicious code in cryptozip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 157ea6b1f1c3d4ed5564c494db770e9156f3e269f12cefec6e4270085a762f26 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

XunRuiCMS 跨站脚本漏洞

XunRuiCMS XunRuiCMS is a content management system for individual developers of XunRuiCMS. A code injection vulnerability exists in XunRuiCMS 4.7.1 and earlier versions, which originates from the incorrect operation of the parameter callback in the file /dayrui/Fcms/Init.php, which may lead to...

Malicious code in extrazip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

SUSE-SU-2025:4528-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: - CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation bsc1255497. - CVE-2025-43501: processing maliciously crafted web content m...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation bsc1255497. CVE-2025-43501: processing maliciously crafted web content may...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

CVE-2023-54028

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...

fs/ntfs3: Initialize allocated memory before use

...

nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.

...

SUSE CVE-2023-54001

In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit...

SUSE CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...