Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986897 advisory. In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9socketopen Both p9fdcreatetcp and p9fdcreateunix will ca...

PT-2025-41087

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s nvme-tcp subsystem. Specifically, a NULL pointer dereference can occur when running the 'nvme list' command during error recovery. This happens becaus...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from accessing a freed socket during error recovery, which could result in a null pointer dereference...

PT-2025-41130

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc7-syzkaller-gfe4469582053 Description The Linux kernel contains a flaw in the net/handshake/netlink.c component, specifically within the handshake nl done doit function. This issue can lead to a null...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414426 advisory. The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state. Tenable has extracted the precedi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986554 advisory. In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-436290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-436290 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-423016)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-423016 advisory. In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and...

SUSE CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

SUSE CVE-2023-53590

In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctpstreampriorities to avoid a nested loop With this refcnt added in sctpstreampriorities, we don't need to traverse all streams to check if the prio is used by other streams when freeing one stream's prio ...

SUSE CVE-2023-53601

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

UBUNTU-CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

UBUNTU-CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53601 bonding: do not assume skb mac_header is set

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53601 bonding: do not assume skb mac_header is set

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53600 tunnels: fix kasan splat when generating ipv4 pmtu error

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ipcomputecsum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...