Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007383 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinf...

jq 缓冲区错误漏洞

jq is a lightweight and flexible command-line JSON processor developed by jqlang. jq has a buffer error vulnerability, which stems from an out-of-bounds read in the error handling path of the jvparsesized function. This vulnerability may lead to memory leaks or process termination...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006717 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmitur...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006658 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by...

EUVD-2026-19195

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

UBUNTU-CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

CVE-2026-31409

CVE-2026-31409 affects the Linux kernel ksmbd component. A multichannel SMB2_SESSION_SETUP with SMB2_SESSION_REQ_FLAG_BINDING could fail, but ksmbd did not clear conn->binding on the error path, leaving the connection in a binding state. This caused ksmbd_session_lookup_all() to fall back to t...

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

PT-2026-30577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd module. Specifically, when a multichannel SMB2 SESSION SETUP request with SMB2 SESSION REQ FLAG BINDING fails, the conn-binding flag is...

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

CVE-2026-23432

A flaw was found in the Linux kernel's mshv component. A local user could exploit a use-after-free vulnerability by unmapping memory after a specific error path in the mshvmapusermemory function. This can cause a system crash kernel panic due to the system attempting to access freed memory...

CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

UBUNTU-CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

CVE-2026-23418 drm/xe/reg_sr: Fix leak on xa_store failure

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

PT-2026-30032

In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg sr: Fix leak on xa store failure Free the newly allocated entry when xa store fails to avoid a memory leak on the error path. v2: use goto fail free. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5f...

PT-2026-30173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak in the xe vm madvise ioctl function within the drm/xe subsystem of the Linux kernel has been addressed. The issue occurs when validation within check bo args are sane fails...

SUSE CVE-2026-23399

In the Linux kernel, the following vulnerability has been resolved: nftables: nftdynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without being released...

EUVD-2026-16909

In the Linux kernel, the following vulnerability has been resolved: nftables: nftdynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without being released....