Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001894 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002188 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002312 advisory. Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002332 advisory. fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002436 advisory. The archduptaskstruct function in the Transactional Memory TM implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platfo...

CVE-2025-68776

A flaw was found in the Linux kernel's High-availability Seamless Redundancy HSR networking component. This vulnerability occurs due to a missing NULL pointer check in the prpgetuntaggedframe function. An attacker could exploit this by triggering a scenario where a memory allocation fails, leadin...

CLSA-2026-1768392809 git: Fix of CVE-2024-32021

CVE-2024-32021: fix symlink vulnerability allowing creation of hardlinks to arbitrary files in local source repository cloning...

CVE-2025-68963

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68963

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68963

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68963

CVE-2025-68963 is a Man-in-the-Middle vulnerability in the Huawei Clone module affecting Huawei HarmonyOS (version 4.3.1) and Huawei EMUI (version 15.0.0). The flaw enables an adjacent attacker to compromise service confidentiality via cloning-related operations. Documented impact is confidential...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

PT-2026-2568

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68776

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

CVE-2025-68776 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

CLSA-2026-1768313573 ImageMagick: Fix of CVE-2025-55160

CVE-2025-55160: fix function pointer type mismatch in Clone functions...

PT-2026-2582

Tenda AX-3 v16.03.12.10 CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-71025

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

MiracleLinux 9 : kernel-5.14.0-611.16.1.el9_7 (AXSA:2025-11625:100)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11625:100 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file...