Linux Distros Unpatched Vulnerability : CVE-2026-35357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013659 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver field...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013596 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy BUG: KASAN: stack-out-of-bounds in...

PT-2026-34494

The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block device nodes as stream sources rather than preserving them. Because the implementation reads bytes into regular files at the destination instead of using mknod, device semantics are...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of memory copy sizes, which could lead t...

PT-2026-34426

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The module loader fails to verify the bounds of the ELF section index within the simplify symbols function. A symbol containing an out-of-bounds st shndx value, such as those defined as...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013403)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013403 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: avoid possible UaF when selecting endp selectlocaladdress and selectsignaladdress both...

Linux Distros Unpatched Vulnerability : CVE-2026-31431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013866 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to...

Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013644 advisory. In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC III Anthony Yznaga track...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013863 advisory. In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine...

uutils coreutils 后置链接漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. uutils coreutils has a post-installation link vulnerability, which stems from a race condition. This vulnerability could allow attackers to bypass the intended references, enabling the privileged cp process to cop...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013710 advisory. In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to no failure path. Our syzbot instance reported memory leaks in...

ALSA-2026:9693 Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...

PT-2026-34258

CVE-2026-41664 Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prio… https://t.co/2SA7cFRHKO...

PT-2026-34260

CVE-2026-41666 Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prio… https://t.co/k3CS5TgA5s...

PT-2026-34257

CVE-2026-40450 Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affe… https://t.co/x4EZ13J7x3...

PT-2026-34495

A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the O NOFOLLOW flag. An attacker with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013807 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP,...