34 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003916 advisory. There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. Tenable has extracted the preceding...
USN-7332-2: Linux kernel vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code...
CVE-2024-43893
A divide by zero vulnerability was found in the uart_get_divisor function in the Linux Kernel's serial core subsystem. This issue is caused by the improper handling of invalid baud rates. When an invalid baud_base is specified using the TIOCSSERIAL ioctl command, if uartclk is zero, a subsequent cal...
CVE-2024-43893
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor. The check for uartcl...
USN-6895-1: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...
Design/Logic Flaw
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information...
CVE-2023-3567
CVE-2023-3567 is a use-after-free vulnerability in Linux kernel code (vc_screen.c: vcs_read in vc_screen) that can allow a local attacker to crash the system or leak kernel information. Connected advisories (Astra Linux, CIRCL sighting, and Amazon Linux advisories) confirm the same UAF issue and ...
CVE-2023-3567 Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information...
CVE-2023-23039
An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open, aka a race condition between vcc_open and vcc_remove...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Denial of service
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop due to a changing ldata->read_head, and a missing sanity check and cause a threat to the system availabili...
CVE-2021-20219
CVE-2021-20219: Linux kernel DoS in n_tty_receive_char_special (drivers/tty/n_tty.c). Local attacker with unprivileged user can delay the loop (ldata->read_head changes) due to a missing sanity check, impacting availability. The initial doc does not specify affected kernel versions, patches, o...
kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free
A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-2193)
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c where uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd bnc1179429. -...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1153)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c where it did not check the length of variable elements in a beacon head, leading to a buffer overflow...
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1255-1)
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing...