Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013401 advisory. In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the...

CVE-2025-40078 bpf: Explicitly check accesses to bpf_sock_addr

In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpfsockaddr Syzkaller found a kernel warning on the following sockaddr program: 0: r0 = 0 1: r2 = u32 r1 +60 2: exit which triggers: verifier bug: error during ctx access conversion 0 This is...

Timing Attack

Overview Affected versions of this package are vulnerable to Timing Attack via discrepancies in processing invalid padding errors in legacy API mbedtlsciphercrypt and mbedtlscipherfinish functions and in the PSA Crypto API psacipherdecrypt and psacipherfinish functions when handling any other...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of the xfrm module to properly handle padding data when dumping algorithms, which could lead to...

USN-6727-1 nss vulnerabilities

It was discovered that NSS incorrectly handled padding when checking PKCS1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. CVE-2023-4421 It was discovered that NSS had a timin...

opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin)

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key...

SUSE CVE-2012-0390

The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related...

PT-2019-12479 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.13 Description: The issue allows remote attackers to cause a denial of service or possibly have other impacts via UDP packets with a 0 payload, due to mishandling of padded packets. This is related to the ud...