Security Bulletin: NVIDIA GPU Display Drivers - January 2026

NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...

CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog Mitigation If Ceph not being used, then...

CVE-2026-22990

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

ROS-20260120-7365

A vulnerability in the ksmbd component of the Linux operating system kernel is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004340 advisory. A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002070 advisory. arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial o...

ROS-20260114-7323

A vulnerability in the netemdequeue function of the net/sched/schnetem.c module of the net/sched traffic control subsystem of the net/sched kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect...

UBUNTU-CVE-2025-68806

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

Win32k Elevation of Privilege Vulnerability

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

ROS-20260113-7312

A vulnerability in the navi10issupportfinegraineddpm function in the drivers/gpu/drm/amd/pm/swsmu/smu11/navi10ppt.c module of the amdpgu driver of the Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...

NSecsoft NSecKrnl 安全漏洞

NSecsoft NSecKrnl is the underlying core module of a terminal protection software from China Anzai NSecsoft. A security vulnerability exists in NSecsoft NSecKrnl, which originates from a local attacker being able to terminate another user's process via a specially crafted IOCTL request...

CVE-2022-31758

The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-31763

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability...

CVE-2017-18689

An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...

CVE-2022-42265

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to information disclosure or data tampering...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992170)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992170 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrit...

Linux Distros Unpatched Vulnerability : CVE-2022-50702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or...

CVE-2023-54055

CVE-2023-54055 (Linux kernel RDMA/irdma PBLE memory leak) : The vulnerability concerns PBLE object memory not being freed on module removal. PBLEs and their Segment Descriptors can be allocated during scale-up and remain until function deinitialization. Root cause: PBLE objects are not freed due ...

CVE-2022-50727 scsi: efct: Fix possible memleak in efct_device_init()

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

Linux Distros Unpatched Vulnerability : CVE-2023-53999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra postact rules are added to postact table. It's possible to trigger...