Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000789 advisory. arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform improperly relies on espfix64 during nested NMI processing, which allows local users ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004318 advisory. A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001476 advisory. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by t...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004156 advisory. A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstance...

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002569)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002569 advisory. arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003187 advisory. arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the RelaxNG schema inclusion process. An attacker can cause stack exhaustion and application crashes by supplying maliciously crafted or deeply nested schema files that trigger unbounded recursion during...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002570 advisory. The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS user...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002979)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002979 advisory. In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003277 advisory. In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003140 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003045 advisory. A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001901 advisory. arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform improperly relies on espfix64 during nested NMI processing, which allows local users ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003163 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002978)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002978 advisory. A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In...

MiracleLinux 4 : dbus-1.2.24-4.AXS4 (AXSA:2011-116:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-116:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001739 advisory. In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution...

jaraco.context Has a Path Traversal Vulnerability

Summary There is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The...

GHSA-58PV-8J8X-9VJ2 jaraco.context Has a Path Traversal Vulnerability

Summary There is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The...