Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007311 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MM...

AMD EPYC 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. AMD EPYC has a security vulnerability that stems from the lack of lock verification. This vulnerability could allow for modifications to MMIO routes and undermine the integrity of customer systems...

Unity Linux 20.1070e Security Update: openldap (UTSA-2026-007094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007094 advisory. OpenLDAP Lightning Memory-Mapped Database LMDB versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline function...

EUVD-2026-7407

OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp...

OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

Summary A heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to sizet, resulting in a massive lengt...

EUVD-2026-18732

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

UBUNTU-CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

CVE-2026-23466 drm/xe: Open-code GGTT MMIO access protection

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE

...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

UBUNTU-CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50170)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50170 advisory. 6.12.0-200.74.27.1 - KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE Sean Christopherson Orabug: 39071315 Tenable has extract...

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

OESA-2026-1428 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1426 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

Signed to Unsigned Conversion Error

Overview Affected versions of this package are vulnerable to Signed to Unsigned Conversion Error via the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. An attacker can cause a heap buffer overflow by supplying a specially...

UBUNTU-CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...