Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011210)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011210 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010893 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dcconstructctx function...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011208 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: Fix memory leak in loadelfbinary There is a memory leak reported by kmemleak:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013240 advisory. In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010993)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010993 advisory. In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in oflpddr3getddrtimings We should add the ofnodeput when...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011099 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN...

kernel: Linux kernel: Information disclosure in efivarfs via incorrect error propagation

A flaw was found in the efivarfs component of the Linux kernel. This vulnerability, an information disclosure issue, arises from incorrect error handling in the efivarentryget function. An unprivileged local attacker can exploit this by reading from efivarfs, potentially causing uninitialized...

CVE-2026-31429

A flaw was found in the Linux kernel. When the Kernel Electric Fence KFENCE, a memory safety error detector, is enabled, a memory corruption vulnerability can occur. This happens because the skbkfreehead function incorrectly frees network buffer skb head data to the wrong memory cache. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the skbkfreehead function potentially releasing objects allocated with KFENCE to the wrong cache,...

PT-2026-33746

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB SMALL HEAD CACHE SIZE is intentionally set to a non-power-of-2 value e.g. 704 on x86 64 to avoid collisions with generic kmalloc bucket sizes. This ensures that skb...

Shopify: mruby-engine: UAF in MRubyEngine#initialize enables local RCE

Summary Double-init of MRubyEngine frees engine + unmaps mspace, but leaves Ruby DATAPTR dangling. Kernel reuses freed VA via mmapMAPFIXED. Attacker forges memrubyengine struct + mrbstate in reclaimed region, points mrbstate-allocf at libc.system, arranges bytes of mrbstate to also spell a shell...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007246 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to histvars if they have referenced variables Hist triggers ca...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007326 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe The nbpf-chan array is allocated earlier in th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007366 advisory. In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007444 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'addwidgetnode' As 'kobjectadd' may allocated memory for...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007467 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN...

CVE-2026-26169

Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-26229 BOF Beacon Object File implementation of CVE-2...

EUVD-2026-22400

Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally...

CVE-2026-26169

Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally...