Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990105)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990105 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxdcdevregister If a call to allocchrdevregion...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988856 advisory. In the Linux kernel, the following vulnerability has been resolved: capabilities: fix potential memleak on error path from vfsgetxattralloc In capinodegetsecurity, w...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989558)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989558 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxdcdevregister If a call to allocchrdevregion...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989447)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989447 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fix an use-after-free bug in mlx4entryallocresources In mlx4entryallocresources,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988914 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990232)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990232 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 slab: Warn...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988970)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988970 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test...

SUSE CVE-2025-40037

In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefbdetachgenpds The pmdomain cleanup can not be devres managed as it uses struct simplefbpar which is allocated within struct fbinfo by framebufferalloc. This allocation is explicitly...

SUSE CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

AZL-68843 CVE-2025-40044 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

UBUNTU-CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

CVE-2025-40063 crypto: comp - Use same definition of context alloc and free ops

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inconsistent definitions of the allocctx and freectx operations, which could lead to problems with...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-50153)

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...

Linux Distros Unpatched Vulnerability : CVE-2025-40012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: fix warning in smcrxsplice when calling getpage smcloregisterdmb allocates DMB buffers with kzalloc, which are later passed to getpage in smcrxsplice...

Siemens SIMATIC Devices Use After Free (CVE-2025-21764)

ndisc: use RCU protection in ndiscallocskb This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503652; scriptversion"1.2";...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987661)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987661 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla:...

kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

CVE-2022-50544

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...