EUVD-2023-60490

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...

EUVD-2023-60520

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The buf4 value comes from the user via tsplay. It is a value in the u8 range. The final length we pass to av7110ipackinstantrepack is "len - buf4 + 1 - 4" so add a check to...

CVE-2022-50884

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver fields that are required by drivers since drmcopyfield attempts to copy them to user-space via DRMIOCTLVERSION. But it can be possible th...

OESA-2025-2882 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:tcpmetrics: validate source addr lengthI don t see anything checking that TCPMETRICSATTRSADDRIPV4is at least 4 bytes long, and the policy doesn t have an entryfor...

CVE-2023-54245

CVE-2023-54245 concerns a Linux kernel vulnerability in ASoC: codecs: tx-macro where a KASAN slab-out-of-bounds read occurred (regcache_flat_read path). The issue manifested under syzkaller as a read from regcache_flat_read traced through regmap_READ/UPDATE_BITS and snd_soc_component_write_field,...

CVE-2022-50855 bpf: prevent leak of lsm program after failed attach

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

CVE-2022-50816 ipv6: ensure sane device mtu in tunnels

In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug in ip6gre tunnel dev:ip6gretap0 Since ipv6 mcast code makes sure to read dev-mtu once and applies a sanity check on it see commit...

CVE-2022-50812 security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992288 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in u...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992665 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flushtlbrange when used for zapping normal PMDs On the following path, flushtlbrange...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992644 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992492 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must n...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992283 advisory. In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992606 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992533)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992533 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting wi...

Unity Linux 20.1060e Security Update: kernel (UTSA-2025-992680)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992680 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back t...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992529)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992529 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992467 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992462)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992462 advisory. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raidstatus There is this warning when using a kernel wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992526 advisory. In the Linux kernel, the following vulnerability has been resolved: cxl: Fix a memory leak in an error handling path A bitmapzalloc must be balanced by a correspondi...