GO-2025-4017 Panic occurs when queuing undecryptable packets after handshake completion in github.com/quic-go/quic-go

Panic occurs when queuing undecryptable packets after handshake completion in github.com/quic-go/quic-go...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989872)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989872 advisory. In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988710 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990023)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990023 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990229 advisory. In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990370)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990370 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990055 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sastask Currently a use-after-free may occur...

kernel: tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O

...

kernel: RDMA/irdma: Fix a window for use-after-free

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdmacqfreersrc. Fix this by moving the call to irdmacqfreersrc after the...

SUSE CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

EUVD-2025-36441

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40026 KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40026 KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40026

The CVE-2025-40026 entry concerns the Linux kernel KVM on x86. The issue arises when completing userspace I/O emulation: KVM should not recheck L1 intercepts because it has already completed that phase, but if the I/O permission bitmaps are modified during the exit to userspace, KVM may treat the...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-35976)

xsk: validate user input for XDPUMEM|COMPLETIONFILLRING This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503413; scriptversion"1.2";...

CVE-2025-12105

CVE-2025-12105 affects libsoup3 and is caused by a heap use-after-free in the asynchronous message queue handling during HTTP/2 read completion. When network operations are aborted at specific timing, a message queue item may be freed twice, enabling a remote attacker to trigger a denial-of-servi...

EUVD-2022-55661

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp-dbagl2size. The field can be greater than 64 and trigger the...

PT-2025-42274

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1+ Description The Linux kernel contains a use-after-free flaw within the rtw89 core component. Specifically, the issue occurs in the rtw89 core tx kick off and wait function when accessing already freed...

Linux Distros Unpatched Vulnerability : CVE-2023-53627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in function slotcompletev3hw, it is possible that sasdev.list is...