Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993289)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993289 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisab...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993013 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch netfilter: ipset: fix ra...

OESA-2025-2869 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2025-2867 golang security update

. Security Fixes: crypto/x509: Exclude subdomain constraints do not restrict wildcard SANs Exclude subdomain constraints in certificate chains do not restrict the use of wildcard SANs in leaf certificates. For example, excluding the constraint on the subdomain test.example.com does not prevent th...

CVE-2023-54202 drm/i915: fix race condition UAF in i915_perf_add_config_ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915perfaddconfigioctl Userspace can guess the id value and try to race oaconfig object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in the i915perfaddconfigioctl function that could lead to reuse after release...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992472)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992472 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisab...

When Risk Is Fragmented, Strategy Suffers

Risk fragmentation remains one of the most overlooked barriers to effective business performance. It doesn’t show up all…...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992143 advisory. If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. Tenable has extracted the...

CVE-2025-68375

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

SUSE CVE-2025-68739

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

EUVD-2025-205223

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

CVE-2023-54081

CVE-2023-54081 affects the Linux kernel Xen grant-table reclaim path. When a grant entry is still in use by the remote domain, the VM may accumulate a large deferred-list, causing a severe memory leak and potential VM freeze, notably in Qubes OS due to GUI/window handling constraints. The fix mak...

EUVD-2025-205079

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

CVE-2025-68739

CVE-2025-68739 concerns the Linux kernel component responsible for PM / devfreq, specifically the hisi OPP handling path. The connected documents describe a fix for a potential use-after-free (UAF) in OPP handling when managing power management references. The underlying issue was improper resour...

UBUNTU-CVE-2025-68375

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

CVE-2023-54030 io_uring/net: don't overflow multishot recv

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

CVE-2025-68375 perf/x86: Fix NULL event access and potential PEBS record loss

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

CVE-2025-68370

In the Linux kernel, CVE-2025-68370 affects the coresight tmc path handling. The fix adds the event handle to the coresight_path so dependent devices can access it (required to retrieve AUX_EVENT per CPU in perf mode). Reproduction example uses perf record -e cs_etm//k -C 0-9, which could trigger...

CVE-2025-68370 coresight: tmc: add the handle of the event to the path

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUXEVENT of each CPU and is required in perf mode. It has been added to the coresightpath so that dependent devices can access it...