Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414530 advisory. A use-after-free flaw was found in ncirequest in net/nfc/nci/core.c in NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986698 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414583 advisory. A use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986337 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI...

EUVD-2021-34060

Malicious code in bioql PyPI...

EUVD-2022-55623

Malicious code in bioql PyPI...

EUVD-2025-31884

Malicious code in bioql PyPI...

EUVD-2022-43102

Malicious code in bioql PyPI...

EUVD-2022-55505

Malicious code in bioql PyPI...

AZL-75246 CVE-2023-53520 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

UBUNTU-CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

CVE-2023-53520

CVE-2023-53520 relates to the Linux kernel Bluetooth subsystem. A race can occur when an hci_dev object is freed by hci_unregister_dev() while hci_suspend_notifier may still access it, potentially causing a crash (as shown by the call trace in hci_suspend_sync). The patch fixes this by holding a ...

Bluetooth: hci_event: Ignore multiple conn complete events

...

UBUNTU-CVE-2025-39889

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Check encryption key size on incoming connection This is required for passing GAP/SEC/SEM/BI-04-C PTS test case: Security Mode 4 Level 4, Responder - Invalid Encryption Key Size - 128 bit This tests the security...

CVE-2022-50419

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times deviceadd shall not be called multiple times as stated in its documentation: 'Do not call this routine or deviceregister more than once for any device structure...

CVE-2022-50374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...

SUSE CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

Linux Distros Unpatched Vulnerability : CVE-2023-53252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hciconnparams and iterate safely in hcisync hciupdateacceptlistsync...