Unity Linux 20.1070a Security Update: kernel (UTSA-2025-387199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387199 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal. Most firmware names are hardcoded strings, or are constructe...
CVE-2025-21921 net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device. ethnl_req_get_phydev() is used to lookup a phy_device, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...
PT-2025-14302 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the ethtool netlink command. The issue occurs when the ethnl_req_get_phydev function is used to lookup a phy_device, a...
CVE-2022-49295
CVE-2022-49295 documents a race in the Linux kernel nbd subsystem: during module removal, netlink command handling can race with cleanup unless genl_unregister_family() is called first in nbd_cleanup(). The described oops is a NULL pointer dereference (addr 0x98) in down_write(), with a trace thr...
CVE-2022-49295
In the Linux kernel, the following vulnerability has been resolved: nbd: call genl_unregister_family() first in nbd_cleanup(). Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL pointer dereference, address:...
CVE-2024-47742
CVE-2024-47742: Linux kernel firmware_loader path traversal vulnerability. Several code paths construct firmware filenames from device or userspace data (e.g., lpfc_sli4_request_firmware_update, nfp_net_fw_find, module_flash_fw_schedule). The issue arises when dynamic firmware names can include ...
PT-2024-32788
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58. Description: The issue is related to the firmware loader in the Linux kernel, where certain code paths construct firmware file names from string components passed through from devices or semi-privileged...
UBUNTU-CVE-2016-8658
Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Eleme...
CVE-2016-5243
A leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit...