RockyLinux 9 : kernel (RLSA-2025:19105)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19105 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

kernel: pstore/ram: Check start of empty przs during init

An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990539 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990436 advisory. In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990439 advisory. In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990621 advisory. In the Linux kernel, the following vulnerability has been resolved: virtioconsole: eliminate anonymous moduleinit & moduleexit Eliminate anonymous moduleinit and...

AZL-69863 CVE-2025-47151 affecting package lasso 2.8.0-1

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-47151

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

CVE-2025-11690

An Insecure Direct Object Reference IDOR vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this issue enables an attacker to retrieve data such as GPS coordinates, encryption keys, initialization vectors,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988858 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpusetupdspppcc The function performs a check on the ctx...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989302 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpinittransfer to not reset icskcainitialized This commit fixes a bug found by syzkalle...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989981)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989981 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988789 advisory. In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990140 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989514 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989164 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions While running the self-tests on a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990074 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination becaus...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990233 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix UaF in netns ops registration error path If netassigngeneric fails, the current error pa...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988708)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988708 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have...