503 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001969)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001969 advisory. The cipsov4validate function in net/ipv4/cipsoipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service NULL pointer dereference and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001958)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001958 advisory. The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003545)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003545 advisory. The irdasetsockopt function in net/irda/afirda.c and later in drivers/staging/irda/net/afirda.c in the Linux kernel before 4.17 allows local users to cause a denial ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002934)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002934 advisory. Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003016)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003016 advisory. The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002352)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002352 advisory. The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002187)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002187 advisory. The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002092)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002092 advisory. The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause ...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000864 advisory. The socksetsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cau...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000998)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000998 advisory. The cipsov4validate function in net/ipv4/cipsoipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service NULL pointer dereference and...
SUSE CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...
UBUNTU-CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...
CVE-2025-40149
In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35967)
Bluetooth: SCO: Fix not validating setsockopt user input This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503473; scriptversion"1.2";...
Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2025-21711)
net/rose: prevent integer overflows in rosesetsockopt This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503507; scriptversion"1.2";...
Siemens SIMATIC Devices Classic Buffer Overflow (CVE-2024-35965)
Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2022-50531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
SUSE CVE-2022-50531
In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize sub.usrhandle in tipctopsrvkernsubscr, otherwise four bytes remain uninitialized when issuing setsockopt..., SOLTIPC, .... This resulted in an...
CLSA-2025-1759866837 kernel: Fix of 44 CVEs
mm: zswap: fix missing folio cleanup in writeback race path CVE-2024-26832 - mm: fix zswap writeback race condition CVE-2023-53178 - dm array: fix releasing a faulty array block twice in dmarraycursorend CVE-2024-57929 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - gpio:...