MGASA-2026-0105 Updated libtiff packages fix security vulnerabilities

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144...

JLSEC-2026-160

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...

JLSEC-2026-166

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011327 advisory. In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check return value of platformgetresource platformgetresource returns NULL in case o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010999)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010999 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addldescptr out-of-bounds accesses Sanitize possible addldescptr...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013198)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013198 advisory. In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013355)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013355 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013167 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of en...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006893 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010740 advisory. A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This fla...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011287 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010693 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013334 advisory. In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013386 advisory. An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rdstcpkillsock in net/rds/tcp.c that will cause denial of...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011254 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013082)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013082 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006933)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006933 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible descptr out-of-bounds accesses Sanitize possible descptr out-of-bounds...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011322 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011220)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011220 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013297 advisory. An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rdstcpkillsock in net/rds/tcp.c that will cause denial of...