12 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001335)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001335 advisory. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by t...
AZL-70349 CVE-2022-50070 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Modules linked in: uioivshmemOE ui...
PT-2025-18514 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc1 Description: A potential null pointer dereference issue has been identified in the Linux kernel, specifically in the kprobe event gen test exit function. This issue occurs when the trace get event file...
AZL-55070 CVE-2024-56746 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fballocmem When information such as info-screenbase is not ready, calling sh7760fbfreemem does not release memory correctly. Call dmafreecoherent instead...
AZL-53709 CVE-2024-50150 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...
AZL-49286 CVE-2024-46685 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcsgetfunction pinmuxgenericgetfunction can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...
AZL-32175 CVE-2023-50431 affecting package kernel for versions less than 5.15.153.1-1
secattestinfo in drivers/accel/habanalabs/common/habanalabsioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info-pad0 is not initialized...
CVE-2021-4095
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl. This fl...
AZL-8605 CVE-2021-45402 affecting package kernel for versions less than 5.15.26.1-1
The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."...
PT-2021-8215 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc4-syzkaller Description: The vulnerability is related to the MPTCP component in the Linux kernel, which can cause a NULL pointer dereference when deleting an endpoint. This can lead to a general...
CVE-2021-3653
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...
AZL-6531 CVE-2021-23134 affecting package kernel for versions less than 5.10.78.1-1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAPNETRAW capability...