Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992987 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: fix strpinit order and cleanup strpinit is called just a few lines above this csk-skuserdata...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993193 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993203)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993203 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the fie...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993286)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993286 advisory. In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992799)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992799 advisory. In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993264 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993157 advisory. In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993245 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for...

EUVD-2023-60465

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

EUVD-2022-55911

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

EUVD-2022-55844

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

EUVD-2022-55860

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

EUVD-2022-55866

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilcmacxmit The wilcmacxmit returns NETDEVTXOK without freeing skb, add devkfreeskb to fix it. Compile tested only...

EUVD-2022-55881

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

CVE-2022-50854

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

CVE-2022-50863

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode...