Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989316 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989624 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40edbgdumpdesc When trying to dump VFs VSI RX/TX descripto...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990343 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990148)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990148 advisory. In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfsname to NULL after it is freed There is a upstream commit...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989961)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989961 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NULL pointer dereference when removing debugfs We now remove the device's debug...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989177 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989140 advisory. In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfsname to NULL after it is freed There is a upstream commit...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fix for a crash that occurs when rebinding the ccp device. When CONFIGCRYPTODEVCCPDEBUGFS is enabled, rebinding the ccp device causes the following crash: bash $ echo '0000:0a:00.2' /sys/bus/pci/drivers/ccp/unbind $...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Check whether hubbub is NULL in debugfs/amdgpudmcapabilities. The HUBBUB structure is not initialized on DCE hardware; therefore, check whether it is NULL to avoid null dereferencing when accessing the...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early The creation of debugfs files is moved to a dedicated function, and it is ensured that these files are explicitly removed during vhcirelease, before the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: The issue of destroying KFD debugfs after destroying KFD wq has been addressed. Since the KFD proc content was moved to the kernel debugfs, we cannot destroy KFD debugfs before calling kfdprocessDestroywq. Moving...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: i40e: removed read access to debugfs files The “command” and “netdevops” debugfs files are legacy debugging interfaces supported by the i40e driver since its early days, as documented in commit 02e9c290814c “i40e: debugfs...

drm/i915: Fix request ref counting during error capture & debugfs dump

...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40978)

scsi: qedi: crash while reading debugfs attribute. The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

kernel security update

4.18.0-553.80.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

PT-2025-51593

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.17.0+ Description The Linux kernel contains a flaw within the drm/amd/display subsystem, specifically in the odm combine segments show function. When a display connector is connected but inactive, the pipe ctx-stream...

Linux Distros Unpatched Vulnerability : CVE-2023-53625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might...

SUSE CVE-2023-53625

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might already be destroyed, which led to kernel oops like below. Console:...

EUVD-2025-31850

A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

EUVD-2025-31875

EUVD-2025-31875...