Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992285 advisory. In the Linux kernel, the following vulnerability has been resolved: android: binder: stop saving a pointer to the VMA Do not record a pointer to a VMA outside of the...

CVE-2023-54116

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+ast2400 platform, wi...

CVE-2022-50775

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hnsrocemmap rdmausermmapentrygetpgoff takes the reference. Add missing rdmausermmapentryput to release the reference. Acked-by Haoyue Xu...

CVE-2022-50775

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hnsrocemmap rdmausermmapentrygetpgoff takes the reference. Add missing rdmausermmapentryput to release the reference. Acked-by Haoyue Xu...

UBUNTU-CVE-2022-50775

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hnsrocemmap rdmausermmapentrygetpgoff takes the reference. Add missing rdmausermmapentryput to release the reference. Acked-by Haoyue Xu...

UBUNTU-CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

CVE-2023-54157

CVE-2023-54157 concerns a Linux kernel Binder use-after-free (UAF) of alloc->vma caused by a race with munmap. The root cause cited across connected documents is that access to alloc->vma in binder_update_page_range() could race with vm_area_free() in munmap due to a previous downgrade of t...

CVE-2022-50775

CVE-2022-50775 pertains to the Linux kernel RDMA/hns subsystem. The vulnerability arises from a refcount leak in hns_roce_mmap where rdma_user_mmap_entry_get_pgoff() takes a reference but rdma_user_mmap_entry_put() to release it was missing. The fix adds the missing release call to properly drop ...

CVE-2022-50775 RDMA/hns: Fix refcount leak in hns_roce_mmap

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hnsrocemmap rdmausermmapentrygetpgoff takes the reference. Add missing rdmausermmapentryput to release the reference. Acked-by Haoyue Xu...

PT-2025-53141

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the hns roce mmap function within the RDMA/hns module of the Linux kernel. The rdma user mmap entry get pgoff function acquires a reference, but the...

SUSE CVE-2025-68329

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose for split VMAs When a VMA is split e.g., by partial munmap or MAPFIXED, the kernel calls vmops-close on each portion. For trace buffer mappings, this results in ringbufferunmap being...

UBUNTU-CVE-2025-68329

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose for split VMAs When a VMA is split e.g., by partial munmap or MAPFIXED, the kernel calls vmops-close on each portion. For trace buffer mappings, this results in ringbufferunmap being...

CVE-2025-68329 tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose for split VMAs When a VMA is split e.g., by partial munmap or MAPFIXED, the kernel calls vmops-close on each portion. For trace buffer mappings, this results in ringbufferunmap being...

SUSE CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

EUVD-2025-201870

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

UBUNTU-CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

CVE-2025-40332

CVE-2025-40332: In the Linux kernel, drm/amdkfd mmap write lock could deadlock when draining a retry fault, because svm_range_restore_pages would unlock mmap_read_lock and return. The fix downgrades the mmap write lock to a read lock during draining retry faults, preventing deadlock and subsequen...

CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

CVE-2025-40332 drm/amdkfd: Fix mmap write lock not release

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...