Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992758)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992758 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for toppipetoprogram in commitplanesforstream This commit address...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993031)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993031 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In...

EUVD-2023-60422

In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a "IB/isert: Fix incorrect release of isert connection" is causing problems on OPA when DEVICEREMOVAL is happening. ------------ cut here -----------...

EUVD-2023-60424

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

CVE-2023-54217

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

OESA-2025-2880 usbmuxd security update

usbmuxd is a socket daemon to multiplex connections from and to iOS devices.It allows multiple services on the device to be accessed simultaneously. Security Fixes: A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before...

CVE-2023-54219

CVE-2023-54219 affects the Linux kernel where reverting the IB/isert: Fix incorrect release of isert connection (commit 699826f4e30a) causes problems on Open Programmable Architecture (OPA) during DEVICE_REMOVAL. The vulnerability stems from the revert of the isert release fix, and it is observed...

CVE-2023-54217 Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

CVE-2023-54197 Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"

In the Linux kernel, the following vulnerability has been resolved: Revert "Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work" This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem. Revert it. And the fix...

UBUNTU-CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

PT-2025-53832

Name of the Vulnerable Software and Affected Versions coturn versions 4.6.2r5 through 4.7.0-r4 Description coturn, a free open source implementation of TURN and STUN Server, contains a flaw related to its random number generator. Specifically, the random number generator for nonces and port...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992613 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In...

CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

...

SUSE CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

SUSE CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

CVE-2023-54158

Summary: CVE-2023-54158 affects the Linux kernel’s btrfs implementation, where an optimization in delayed inode handling can improperly free or free-trace qgroup reservations during subvolume creation, leaking reserved space and breaking proper accounting. The root cause involves btrfs_insert_del...

EUVD-2025-205105

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

AZL-73057 CVE-2025-68349 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...