613 matches found
CVE-2026-22976
CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004274 advisory. In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaserusb/kvaserusbleaf.c driver, a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004161)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004161 advisory. In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaserusb/kvaserusbleaf.c driver, a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001119)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001119 advisory. An issue was discovered in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfsdashrinkinode is call...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002535 advisory. An issue was discovered in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfsdashrinkinode is call...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003199 advisory. In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfsrq's, which allows attackers to cause a denial of service infinite loop in...
PT-2026-3755
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the sch qfq module related to how it handles deactivation of inactive aggregates during a reset operation. Specifically, a NULL dereference can occur ...
Amazon Linux 2023 : docker (ALAS2023-2025-1329)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1329 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000353)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000353 advisory. In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfsrq's, which allows attackers to cause a denial of service infinite loop in...
Medium: runc
Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...
Medium: docker
Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992868)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992868 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992733)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992733 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolveindirectrefs During backref walking, ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992973)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992973 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be...
OESA-2025-2866 golang security update
. Security Fixes: crypto/x509: Exclude subdomain constraints do not restrict wildcard SANs Exclude subdomain constraints in certificate chains do not restrict the use of wildcard SANs in leaf certificates. For example, excluding the constraint on the subdomain test.example.com does not prevent th...
OESA-2025-2864 golang security update
. Security Fixes: crypto/x509: Exclude subdomain constraints do not restrict wildcard SANs Exclude subdomain constraints in certificate chains do not restrict the use of wildcard SANs in leaf certificates. For example, excluding the constraint on the subdomain test.example.com does not prevent th...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992552)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992552 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolveindirectrefs During backref walking, ...
can: kvaser_usb: leaf: Fix potential infinite loop in command parsers
...
EUVD-2025-203772
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...
CVE-2025-68308
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...