PT-2026-8197

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.18-rc1 and later Description The CephFS kernel client contains a flaw in the ceph mds auth match function where a NULL pointer dereference can occur if fs name is NULL. This issue arises during authorization checks with...

PT-2026-20427

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to hypercall clobbers within the x86/vmware component. Specifically, the QEMU VMware mouse emulation incorrectly clears the upper 32 bits of the...

CVE-2023-54166

In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...

SUSE CVE-2022-50824

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 table just to make sure the table is there, not used after the init, so the acpiputtable should be added to release the ACPI memory...

SUSE CVE-2022-50859

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...

SUSE CVE-2023-54197

In the Linux kernel, the following vulnerability has been resolved: Revert "Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work" This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem. Revert it. And the fix...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992740 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmkpinctrldtsubnodetomap ofparsephandle returns a node...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992702)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992702 advisory. In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at lin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993081)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993081 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...

EUVD-2022-55831

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...

CVE-2023-54251

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...

CVE-2023-54214

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...

UBUNTU-CVE-2023-54317

In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function blkdevissuezeropages submits a write bio with the bio vector pointing to the zero page. If we use dm-flakey with corrupt bio...

UBUNTU-CVE-2023-54326

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device In pciendpointtestremove, freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device memory already released,...

CVE-2023-54307 ptp_qoriq: fix memory leak in probe()

In the Linux kernel, the following vulnerability has been resolved: ptpqoriq: fix memory leak in probe Smatch complains that: drivers/ptp/ptpqoriq.c ptpqoriqprobe warn: 'base' from ioremap not released. Fix this by revising the parameter from 'ptpqoriq-base' to 'base'. This is only a bug if...

CVE-2022-50881 wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...

CVE-2022-50867 drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...

CVE-2022-50824

CVE-2022-50824: Linux kernel tpm_tis memory leak fix. The issue occurs in check_acpi_tpm2() where the TPM2 ACPI table is retrieved but not released, leaking ACPI memory. The fix adds acpi_put_table() to release the memory after initialization. Connected advisories indicate multiple vendor advisor...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992370)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992370 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992655 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5pollone curqp update flow When curqp isn't NULL, in order to avoid fetching th...