Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993138)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993138 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992342 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec...

CVE-2023-53171 vfio/type1: prevent underflow of locked_vm via exec()

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with lockedvm=0, and loses the count from existing dma mappings. If the user later...

CVE-2023-53171

CVE-2023-53171 affects the Linux kernel’s vfio/type1 path. The issue occurs when a vfio container is preserved across execs: the task’s mm can change to a new mm with locked_vm=0, causing undercounted DMA mappings and a later unmap to underflow locked_vm, leading to ENOMEM on a subsequent dma map...

kernel: Linux kernel: Denial of Service in vfio/type1 due to locked_vm underflow

A flaw was found in the Linux kernel's vfio/type1 module. A local user could exploit this vulnerability when a vfio container is preserved across an exec call. If the user unmaps a Direct Memory Access DMA mapping, the lockedvm counter can underflow. This underflow can cause subsequent DMA map...