Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993097 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and...

Linux Distros Unpatched Vulnerability : CVE-2023-54288

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211txdequeue there is a particular locking sequence: begin:...

CVE-2022-50799

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the...

EUVD-2023-60513

In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vdusevdpasetvqaffinity callback can be called with NULL value as cpumask when deleting the vduse device. This patch resets virtqueue's IRQ affinity mask value to set all CPUs instead of...

CVE-2022-50878

CVE-2022-50878 relates to the Linux kernel GPU driver for lontium-lt9611. The root cause was a missing NULL check on bridge->encoder in lt9611_connector_init(), which could be NULL but was dereferenced in drm_connector_attach_encoder. The vulnerability is resolved by the fix that introduces a ...

CVE-2023-54279 MIPS: fw: Allow firmware to pass a empty env

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992380)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992380 advisory. In the Linux kernel, the following vulnerability has been resolved: bounds: Use the right number of bits for power-of-two CONFIGNRCPUS bitsper rounds up to the next...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992695 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqgetrate cpufreqcpugetraw can return NULL when the...

gpu: host1x: Fix race in syncpt alloc/free

...

SUSE CVE-2023-54049

In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup and return the error if it fails in order to avoid NULL pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2023-54090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ixgbe: Fix panic during XDPTX with 64 CPUs Commit 4fe815850bdc ixgbe: let the xdpdrv work with more than 64 cpus adds support to allow XDP programs to run on...

CLSA-2025-1766613623 linux-firmware: Fix of 2 CVEs

Made AMD CPU microcode updates to fix CVE-2024-36350 and CVE-2024-36357 - Update AMD CPU microcode to 20251125 - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F81ver:0x0B008121, cpuid:0x00B20F40ver:0x0B204037, cpuid:0x00B40F40ver:0x0B404035, cpuid:0x00B40F41ver:0x0B404108,...

UBUNTU-CVE-2022-50761

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string by kasprintf, if bindipitoirqhandler fails, it should be freed, otherwise may lead to a memory leak issue, fix it...

CVE-2023-53996

CVE-2023-53996 : In the Linux kernel, a bug in x86/sev handling caused live migration corruption when encryption status was computed. The function enc_dec_hypercall() previously used a page count instead of a size, forcing callers to round up and causing non-page-aligned vaddrs to be treated as d...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from null event access and potential PEBS record loss, which could result in the event pointer being cleared...

BIT-NIFI-2025-66524 Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor

Apache NiFi 1.20.0 through 2.6.0 include the GetAsanaObject Processor, which requires integration with a configurable Distribute Map Cache Client Service for storing and retrieving state information. The GetAsanaObject Processor used generic Java Object serialization and deserialization without...

GHSA-428G-F7CQ-PGP5 Marshmallow has DoS in Schema.load(many)

Impact Schema.loaddata, many=True is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. Patches 4.1.2, 3.26.2 Workarounds py Fail fast def loadmanyschema, data, kwargs: if not isinstancedata, list: raise ValidationError'Invalid...

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...

resolv: Denial of Service in resolv gem

A denial of service flaw was found in resolv ruby gem. This flaw allows an attacker to craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses this packet, the name decompression process consumes a large amount of CPU resources, as the library does...

K000158881: Intel Xeon processor vulnerability CVE-2025-20053

Security Advisory Description Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20053 Impact There is no impact; F5 products are not affected by this...