Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989662)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989662 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was...

CVE-2024-56661 tipc: fix NULL deref in cleanup_bearer()

In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was NULL when attempting the atomicdec : atomicdec&tipcnetsocknetub-ubsock-sk-wqcount; Fix this by caching the tipcnet pointer. 1 Oops:...

CVE-2024-56661 tipc: fix NULL deref in cleanup_bearer()

In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was NULL when attempting the atomicdec : atomicdec&tipcnetsocknetub-ubsock-sk-wqcount; Fix this by caching the tipcnet pointer. 1 Oops:...

CVE-2024-56642 tipc: Fix use-after-free of kernel socket in cleanup_bearer().

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanupbearer. syzkaller reported a use-after-free of UDP kernel socket in cleanupbearer without repro. 01 When bearerdisable calls tipcudpdisable, cleanup of the UDP kernel socket is...

CVE-2024-56642

CVE-2024-56642 fixes a Linux kernel tipc use-after-free involving UDP sockets in cleanup_bearer(). The bug occurred when bearer_disable() leads to tipc_udp_disable(), and cleanup_bearer() decrements tipc_net(net)->wq_count too early, allowing a socket to be freed before its cleanup work comple...