Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000244 advisory. In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NU...

CVE-2025-62862

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

CVE-2023-4020

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory...

Design/Logic Flaw

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory...

Silicon Labs TrustZone Input Validation Error Vulnerability

Silicon Labs TrustZone is a security software technology from Silicon Labs, Inc. Silicon Labs TrustZone suffers from an input validation error vulnerability that arises from a library function that does not perform user input validation, which could allow an attacker to read from a non-secure...

PT-2023-30825 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by a logic error in the code, allowing the secure world to write to NS memory. This could lead to local escalation of privilege, wit...

CVE-2022-20182

In handleramdump of pixelloader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2022-14412 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing permission check in the handle ramdump function of pixel loader.c, which could allow the creation of a ramdump of non-secure memory. This may lead to local information disclosure,...

PUB-A-222348453

In handleramdump of pixelloader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2020-3619

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

Memory corruption

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

DEBIAN-CVE-2019-9213

In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task...

Design/Logic Flaw

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, the function tzbsppilverifysig does not...