Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993268 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992704 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atom...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993122)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993122 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3 fix use-after-free at workaround 2 BUG: KFENCE: use-after-free read in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993054 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of...

CVE-2022-50855

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992305)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992305 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to decrement the reference count when the bpfprogattach LSM program fails, which could lead to a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992440)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992440 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not allow CHAINID to refer to another table When doing lookups for chains...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992686)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992686 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host...

CVE-2022-50740

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of urbs in ath9khifusbdealloctxurbs Syzkaller reports a long-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called but usbfreeurb or usbputurb is no...

Moderate: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

SUSE CVE-2025-64750

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

CVE-2025-64750

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

UBUNTU-CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

EUVD-2025-200289

Singluarity ineffectively applies selinux / apparmor LSM process labels...

GHSA-WWRX-W7C9-RF87 Singluarity ineffectively applies selinux / apparmor LSM process labels

Impact Native Mode default Singularity's default native runtime allows users to apply restrictions to container processes using the apparmor or selinux Linux Security Modules LSMs, via the --security selinux: or --security apparmor: flags. LSM labels are written to process or thread attrs/exec...

CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

CVE-2025-64750

CVE-2025-64750 affects SingularityCE before 4.3.5 and SingularityPRO before 4.1.11 and 4.3.5. The issue arises when a user relies on LSM restrictions to prevent malicious operations; under certain conditions an attacker can redirect the LSM label write operation to be ineffective. Exploitation re...