
26 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m. | 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000911)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000911 advisory. The (1) getuser and (2) putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers ...

CVSS 8.8 | AI score 8.1 | EPSS 0.68164
Exploits 9 | References 4

Tenable Nessus
added 2026/01/15 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002004 advisory. The (1) getuser and (2) putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers ...

CVSS 8.8 | AI score 8.2 | EPSS 0.68164
Exploits 9 | References 12

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-21927

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.00245
Exploits 1 | References 2

SUSE CVE
added 2025/09/05 11:22 p.m. | 2 views

SUSE CVE-2025-39716

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access. Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...

CVSS 5.5 | AI score 6.6 | EPSS 0.0002
Exploits 0 | References 3

OSV
added 2025/09/05 6:15 p.m. | 3 views

AZL-73662 CVE-2025-39716 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access. Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...

CVSS 5.5 | AI score 5.7 | EPSS 0.0002
Exploits 0 | References 1

NVD
added 2024/11/05 6:15 p.m. | 17 views

CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue. It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

CVSS 5.5 | EPSS 0.00017
Exploits 0 | References 2

OSV
added 2024/11/05 6:15 p.m. | 0 views

UBUNTU-CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue. It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

CVSS 5.5 | AI score 5.8 | EPSS 0.00017
Exploits 0 | References 8

Cvelist
added 2024/11/05 5:10 p.m. | 17 views

CVE-2024-50102 x86: fix user address masking non-canonical speculation issue

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue. It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

EPSS 0.00017
Exploits 0 | References 2

Debian CVE
added 2024/04/02 7:1 a.m. | 29 views

CVE-2024-26674

In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to ASMEXTABLEUA for get,putuser fixups During memory error injection test on kernels = v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels getusernocheck4+0x6/0x20 mce: Hardwa...

CVSS 7.1 | AI score 6.9 | EPSS 0.00018
Exploits 0

SUSE CVE
added 2023/02/15 6:21 a.m. | 1 views

SUSE CVE-2003-0700

The C-Media PCI sound driver in Linux before 2.4.22 does not use the getuser function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699...

CVSS 7.5 | AI score 7 | EPSS 0.00576
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 6:18 a.m. | 1 views

SUSE CVE-2005-0937

Some futex functions in futex.c for Linux kernel 2.6.x perform getuser calls while holding the mmapsem semaphore, which could allow local users to cause a deadlock condition in dopagefault by triggering getuser faults while another thread is executing mmap or other functions...

CVSS 1.2 | AI score 6.5 | EPSS 0.00063
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 4:46 a.m. | 1 views

SUSE CVE-2017-7995

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the getuser function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL...

CVSS 3.8 | AI score 8.8 | EPSS 0.00099
Exploits 0 | References 5

OSV
added 2022/11/23 6:15 p.m. | 0 views

CVE-2021-35284

SQL Injection vulnerability in function getuser in loginmanager.php in rizalafani cms-php v1...

CVSS 9.8 | AI score 5.8 | EPSS 0.00245
Exploits 1 | References 1

Cvelist
added 2022/11/23 12:0 a.m. | 13 views

CVE-2021-35284

SQL Injection vulnerability in function getuser in loginmanager.php in rizalafani cms-php v1...

AI score 10 | EPSS 0.00245
Exploits 1 | References 1

CNNVD
added 2022/11/23 12:0 a.m. | 2 views

cms-php SQL injection vulnerability

cms-php is a simple Content Management System (CMS) example with php-Mysql by Ahmad Rizal Afani Personal Developer. A security vulnerability exists in cms-php v1, stemming from SQL injection in the getuser function of its loginmanager.php component...

CVSS 9.8 | AI score 8.4 | EPSS 0.00245
Exploits 1 | References 2

CVE
added 2022/11/23 12:0 a.m. | 56 views

CVE-2021-35284

CVE-2021-35284 affects rizalafani cms-php v1, with a SQL Injection vulnerability in the get_user function (login_manager.php). The issue is described across multiple sources as SQL injection in the get_user routine, consistent with a high-severity CVSS3.1 impact (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...

CVSS 9.8 | AI score 9.8 | EPSS 0.00245
Exploits 1 | References 1 | Affected Software 1

OSV
added 2017/09/18 8:29 p.m. | 0 views

USN-3422-1 linux vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

CVSS 8 | AI score 7.8 | EPSS 0.0946
Exploits 17 | References 19

RedhatCVE
added 2017/05/05 12:48 p.m. | 25 views

CVE-2017-7995

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the getuser function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL...

CVSS 3.8 | AI score 4.6 | EPSS 0.00099
Exploits 0 | References 1

Prion
added 2017/05/03 7:59 p.m. | 27 views

Information disclosure

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the getuser function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL...

CVSS 1.7 | AI score 4 | EPSS 0.00099
Exploits 0 | References 3 | Affected Software 6

NVD
added 2017/05/03 7:59 p.m. | 14 views

CVE-2017-7995

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the getuser function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL...

CVSS 3.8 | AI score 4.4 | EPSS 0.00099
Exploits 0 | References 3