PT-2026-3749

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.53.3 Fleet versions 4.53.3 through 4.75.2 Fleet versions 4.75.2 through 4.76.2 Fleet versions 4.76.2 through 4.77.1 Fleet versions 4.77.1 through 4.78.3 Description Fleet, an open source device management software, ha...

ROS-20260119-7362

A vulnerability in the orangefsdebugwrite function of the fs/orangefs/orangefs-debugfs.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, as...

SUSE CVE-2017-18896

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint...

SUSE CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004314 advisory. A flaw was found in the Linux kernel in the function hiddebugeventsread in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters pass...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004329 advisory. In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with...

MiracleLinux 4 : gdb-7.2-60.AXS4 (AXSA:2013-121:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-121:01 advisory. GDB, the GNU debugger, allows you to debug programs written in C, C++, Java, and other languages, by executing them in a controlled fashion and printing their...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003954)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003954 advisory. A flaw was found in the Linux kernel in the function hiddebugeventsread in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters pass...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003732)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003732 advisory. In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001195)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001195 advisory. A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003702)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003702 advisory. In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003536 advisory. A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002130 advisory. The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003017 advisory. The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading callback...

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control C2 nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times,...

CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

UBUNTU-CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...