Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004245 advisory. In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000663 advisory. crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001237 advisory. The XFRM dump policy implementation in net/xfrm/xfrmuser.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001124 advisory. In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000555 advisory. The rfcommsockrecvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...

MiracleLinux 4 : kernel-2.6.32-431.23.3.el6 (AXSA:2014-490:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-490:04 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001467 advisory. A vulnerability was found in Linux kernel where non-blocking socket in llcpsockconnect leads to leak and eventually hanging-up the system. Tenable has extracted the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001063 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004797 advisory. A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgeneric on the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003917)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003917 advisory. An issue was discovered in cancangwrcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that ca...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004078)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004078 advisory. A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlin...

CVE-2025-59961

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVE-2025-59961

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVE-2025-59961

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

EUVD-2026-2702

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVE-2025-59961 Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVE-2025-59961 Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVE-2025-59961

CVE-2025-59961 describes an Incorrect Permission Assignment vulnerability in Juniper’s DHCP daemon (jdhcpd) used by Junos OS and Junos OS Evolved. A local, low-privilege user can write to the Unix socket that manages jdhcpd, enabling administrative control over the DHCP service. Affected products...

net/handshake: duplicate handshake cancellations leak socket

...

CVE-2025-68775

A race condition flaw was found in the Linux kernel's network handshake subsystem. When duplicate handshake cancellation requests arrive for the same TLS handshake such as during SUNRPC/NFS TLS negotiation timeouts, the code fails to detect the duplicate and incorrectly manipulates the socket...