Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414629 advisory. Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which...

CVE-2022-49266 block: fix rq-qos breakage from skipping rq_qos_done_bio()

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...

CVE-2022-49266

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...

CVE-2022-49266

CVE-2022-49266 (Linux kernel) : The vulnerability arises in the block layer where the patch that prevents calling rq_qos_done_bio() for untracked bios caused blk-iocost to mis-handle merged bios, leaving them “in-flight.” The fix adds a new flag BIO_QOS_MERGED to mark merged bios and ensures rq_q...

Amazon Linux AMI : kernel (ALAS-2023-1688)

The version of kernel installed on the remote host is prior to 4.14.262-135.486. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1688 advisory. 2024-04-30: CVE-2023-0047 was removed from this advisory rejected. 2024-02-01: CVE-2023-0047 was added to this...

SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:0068-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0068-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2019-15126:...

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

CVE-2021-28714

Concrete details: CVE-2021-28714 and CVE-2021-28715 pertain to the Linux kernel netback driver in guests. Incoming packets for a guest are buffered until processing, with a long default client-side RX queue stall timeout (60 seconds) that can be bypassed; on fast UDP interfaces this can accumulat...