CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-387861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387861 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/setbit operating in non-allocated memory There is a potential...

CVE-2025-39756

CVE-2025-39756 is a Linux kernel issue where extremely high nr_open values (e.g., 1073741816) can trigger massive file descriptor table allocations that exceed INT_MAX, causing a kernel warning and impractical memory requests (>8GB) during operations near the FD limit. The root cause involves ...

DEBIAN-CVE-2024-49973

In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big...

CVE-2020-5806

CVE-2020-5806 affects Rockwell Automation’s FactoryTalk Linx (messaging.dll). The root cause is a vulnerability where an attacker-controlled memory allocation size can be passed to the C++ new operator in CServerManager::HandleBrowseLoadIconStreamRequest, exploitable by sending a crafted message ...