OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

Summary The Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kernel memory and cause that memory to be copied into telemetry. Details The vulnerable path is in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989515 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use...