Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989825)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989825 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990176 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in sndsocputvolsw We don't currently validate that the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988886 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snddmafreepages when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989094 advisory. In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211stopap when switch from P2PGO type If the userspace tools switch from...

CVE-2025-47361

Memory corruption when triggering a subsystem crash with an out-of-range identifier...

CVE-2025-47361 Improper Validation of Array Index in Automotive Software platform based on QNX

Memory corruption when triggering a subsystem crash with an out-of-range identifier...

PT-2025-44928

Name of the Vulnerable Software and Affected Versions Automotive Software platform based on QNX affected versions not specified Description A memory corruption issue exists when triggering a subsystem crash with an out-of-range identifier. The issue involves improper validation of an array index...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when an out-of-range identifier is used to trigger a subsystem crash...

PT-2025-44926

Name of the Vulnerable Software and Affected Versions versions prior to November 4, 2025 Description An information disclosure issue exists when a user-level driver performs QFPROM read or write operations on Fuse regions. The issue involves missing authentication for a critical function in SMSS...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue was reported as a syzbort in the function cfg80211devfree. After the rfkill allocation fails, the wiphywork initialization process wi...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer in case of an error. Avoid triggering a dereference of an error pointer during cleanup in xevmfreescratch, by clearing any scratchpt error pointers. Cherry-picked from commit...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fixed an infinite recursive call of clippush. syzbot reported the issue below. 0 This occurs when we call ioctlATMARPMKIP more than once. During the first call, clipmkip sets clippush to vcc-push; the second call copie...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is greater than IEEE80211MAXSSIDLEN 32, it could lead to memory corruption. Therefore, bounds checking should be added...

USN-7835-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. So if the driver tries to call drm core set prop function...

USN-7833-4: Linux kernel (GCP) vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7853-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7853-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7853-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...