Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000907)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000907 advisory. The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to...

CVE-2026-20809

Time-of-check time-of-use toctou race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally...

CVE-2026-20809

Time-of-check time-of-use toctou race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally...

CVE-2026-20809 Windows Kernel Memory Elevation of Privilege Vulnerability

...

CVE-2026-20809

Time-of-check time-of-use toctou race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

CVE-2025-68802 drm/xe: Limit num_syncs to prevent oversized allocations

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...

PT-2026-2471

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

PT-2026-2660

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists within the Windows Kernel Memory. This condition can be exploited by an authorized attacker to gain elevated privileges on a...

MiracleLinux 9 : kernel-5.14.0-570.37.1.el9_6 (AXSA:2025-10828:63)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10828:63 advisory. kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: netsched: ets: Fix double list add in class with netem as child qdisc CVE-2025-3791...

Linux Distros Unpatched Vulnerability : CVE-2025-68810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable...

CVE-2005-1400

The i386getldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values...

CVE-2023-49062

Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...

CVE-2018-9368

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9401

In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-4283

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6...

CVE-2021-22424

A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service...