YDB security vulnerabilities

YDB is an open-source distributed SQL database developed by the YDB Platform. Versions of YDB prior to 24.4.4.2 contained security vulnerabilities. These vulnerabilities stemmed from the program file yailtree.C failing to release memory after a valid lifecycle was completed...

Benchmarking Machine Learning Models for IoT Malware Detection under Data Scarcity and Drift

The rapid expansion of the Internet of Things IoT in domains such as smart cities, transportation, and industrial systems has heightened the urgency of addressing their security vulnerabilities. IoT devices often operate under limited computational resources, lack robust physical safeguards, and...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37988)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37988 advisory. - In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21658)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21658 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22079)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22079 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27058)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27058 advisory. - In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquo...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38059)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38059 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if...

SUSE CVE-2025-68817

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...

An Optimized Decision Tree-Based Framework for Explainable IoT Anomaly Detection

The increase in the number of Internet of Things IoT devices has tremendously increased the attack surface of cyber threats thus making a strong intrusion detection system IDS with a clear explanation of the process essential towards resource-constrained environments. Nevertheless, current IoT ID...

SUSE CVE-2025-71122

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMUTESTOPADDRESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARNON by corrupting the reserved interval tree. This only effects test kernels with...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001358 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001502 advisory. In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003613 advisory. btrfsfreeextent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfsprintleaf in a certain ENOENT case, which allows local users to obtain...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003665 advisory. A memory leak in the unittestdataadd function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service memory...

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003287 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002200)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002200 advisory. The pivotroot implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003035 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in ioctlmappage when mounting and operating a crafted btrfs imag...

CVE-2025-68817

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...

UBUNTU-CVE-2025-71122

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMUTESTOPADDRESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARNON by corrupting the reserved interval tree. This only effects test kernels with...