Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001692 advisory. A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of...

CVE-2026-20859

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

CVE-2026-20810

Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

January 13, 2026—KB5073457 (OS Build 20348.4648)

January 13, 2026—KB5073457 OS Build 20348.4648 This cumulative update for Windows Server 2022 KB5073457, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

January 13, 2026—KB5073450 (OS Build 25398.2092)

January 13, 2026—KB5073450 OS Build 25398.2092 This cumulative update for Windows Server, version 23H2 KB5073450, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security...

January 13, 2026—KB5073699 (Security-only update)

January 13, 2026—KB5073699 Security-only update Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the...

Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability

Microsoft is aware of vulnerabilities in the third party Motorola Soft Modem drivers that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of smserl64.sys and smserial.sys drivers. The drivers have been removed in the January cumulative...

CVE-2025-71098

The CVE CVE-2025-71098 affects the Linux kernel’s IP6_GRE path. Syzbot crashes were caused by ip6gre_header() relying on dynamic dev->needed_headroom/dev->hard_header_len, enabling skb underflow when an skb with insufficient headroom was used (e.g., during mld_sendpack/mld_finish_output pat...

Microsoft Windows Kernel Mode Drivers 资源管理错误漏洞

Microsoft Windows Kernel Mode Drivers is a Windows kernel mode driver from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Windows Kernel Mode Drivers. An attacker could exploit this vulnerability to gain elevated privileges. The following products and...

KB5073699: Windows Server 2008 R2 Security Update (January 2026)

The remote Windows host is missing security update 5073699. It is, therefore, affected by multiple vulnerabilities - An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in...

Linux Distros Unpatched Vulnerability : CVE-2025-68795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethtool: Avoid overflowing userspace buffer on stats query The ethtool -S command operates across three ioctl calls: ETHTOOLGSSETINFO for the size,...

USN-7922-5: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

USN-7922-5 linux-iot vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

USN-7931-5 linux-raspi, linux-raspi-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; CVE-2025-37958,...

USN-7931-5: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; CVE-2025-37958,...

USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7928-5: Linux kernel (KVM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

USN-7928-5 linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

CVE-2018-9396

In rpcmsghandler and related handlers of drivers/misc/mediatek/eccci/portrpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-0105

Insecure inherited permissions in some IntelR ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access...