crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

...

um: init cpu_tasks[] earlier

...

SUSE CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000642 advisory. The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001094 advisory. Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001155 advisory. The ext4fillsuper function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to...

MiracleLinux 7 : rh-postgresql94-postgresql-9.4.14-2.el7 (AXSA:2017-2466:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2466:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

MiracleLinux 4 : httpd24-httpd-2.4.25-9.AXS4.1 (AXSA:2017-2175:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2175:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001098)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001098 advisory. arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment CS in certain error cases, which allows local users to obtain...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004232)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004232 advisory. An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511modeinitregs and ov518modeinitregs...

MiracleLinux 7 : sssd-1.13.0-40.el7 (AXSA:2015-829:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-829:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-2.AXS4 (AXSA:2017-2465:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2465:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000628 advisory. fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001542 advisory. The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too fa...

CVE-2026-21913

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

CVE-2026-21913

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

CVE-2026-21913 Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

EUVD-2026-2688

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

CVE-2026-21913

CVE-2026-21913 affects Juniper Networks Junos OS on EX4000-48T, EX4000-48P and EX4000-48MP. The vulnerability is an incorrect initialization of the Internal Device Manager (IDM) that allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). A high volume of traffic dir...

Security Bulletin: IBM Sterling Connect:Direct for UNIX Container is affected by vulnerability where hard-coded credentials are embeeded in the product for its internal use.

Summary IBM Sterling Connect:Direct for UNIX Container requires credential for Standard User Mode deployment. This fix removes the hard-coded credentials and uses dynamically generated one during container initialization. Vulnerability Details CVEID:CVE-2025-14115 DESCRIPTION: IBM® Sterling...