Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013567 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfcgetdevice take reference for the device, add missing...

Linux Distros Unpatched Vulnerability : CVE-2026-31425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to...

SUSE CVE-2026-23460

In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rosetransmitlink on reconnect syzkaller reported a bug 1, and the reproducer is available at 2. ROSE sockets use four sk-skstate values: TCPCLOSE, TCPLISTEN, TCPSYNSENT, and TCPESTABLISHE...

CVE-2026-23468

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

EUVD-2026-15362

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsimac80211config This triggers a WARNON in ieee80211hwconfinit and isn't the expected behavior from the driver - other drivers default to 0 too...

CVE-2025-71265 fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...

BIT-PARSE-2026-30835 Parse Server: Malformed `$regex` query leaks database error details in API response

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.7 and 9.5.0, malformed $regex query parameter e.g. abc causes the database to return a structured error object that is passed unsanitized through the API response. This...

SUSE CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0-6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...

CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0–6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...

SUSE CVE-2026-23067

In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix sizet signedness bug in unmap path armlpaeunmap returns sizet but was returning -ENOENT negative error code when encountering an unmapped PTE. Since sizet is unsigned, -ENOENT typically -2 becomes a huge...

CVE-2026-23067 iommu/io-pgtable-arm: fix size_t signedness bug in unmap path

In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix sizet signedness bug in unmap path armlpaeunmap returns sizet but was returning -ENOENT negative error code when encountering an unmapped PTE. Since sizet is unsigned, -ENOENT typically -2 becomes a huge...

EUVD-2026-5477

In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix sizet signedness bug in unmap path armlpaeunmap returns sizet but was returning -ENOENT negative error code when encountering an unmapped PTE. Since sizet is unsigned, -ENOENT typically -2 becomes a huge...

CVE-2025-71125

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

CVE-1999-0419

When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service...

irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()

...

CVE-2025-68766

CVE-2025-68766 is fixed in the Linux kernel for SUSE/openSUSE advisories. The issue occurs in irqchip/mchp-eic: if irq_domain_translate_twocell() sets hwirq to a value >= MCHP_EIC_NIRQ (2), the code may access out of bounds. The root cause is that validity checks exist but the error code is no...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an unset error code in the mchpeicdomainalloc function in the mchp-eic interrupt controller driver, whi...

PT-2026-8122

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw where duplicate registrations of pins were permitted. Specifically, the dpll xa ref dpll add and dpll xa ref pin add functions allowed multiple...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992927)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992927 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: clean up our handling of refs == 0 in snapshot delete In reada we BUGONrefs == 0, which...

CVE-2022-50834

In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfcgetdevice take reference for the device, add missing nfcputdevice to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP...