Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992961)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992961 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in rtl8812aephysettxpowerlimit There is a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992749 advisory. In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesse...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

UBUNTU-CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54282

CVE-2023-54282 affects the Linux kernel driver media/tuners/qt1010 (qt1010.c). The vulnerability arises from a buffer overflow in qt1010_init() where i2c_data overflow was flagged (34

CVE-2023-54221 clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93clocksprobe In function probe, it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregisterhws;' on line 295 and line 310. Use...

CVE-2023-54180

CVE-2023-54180 concerns the Linux kernel Btrfs repair flow when a dev-replace operation is in progress. The root cause is a BUG_ON() in btrfs_repair_io_failure() triggered while repairing a degraded/replace target device, due to mirror_num handling in btrfs_map_block() and possible manipulation o...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992668)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992668 advisory. In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing...

PT-2025-53935

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-syzkaller-02734-g0326074ff465 Description The Linux kernel contained a flaw within the networking component, specifically in the hsr High Speed Resilient functionality. A null dereference issue was identifi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper handling of fixes by btrfs during device replacement, which could lead to null pointer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992637 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices...

CVE-2019-25245 Ross Video DashBoard 8.5.1 Privilege Escalation via Insecure Permissions

Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a...

CVE-2019-25245

Ross Video DashBoard 8.5.1 has an elevation-of-privileges vulnerability where authenticated users can replace the DashBoard.exe binary due to improper permissions. The issue arises from the ability of the M/C flags for the Authenticated Users group to modify executables, enabling a local attacker...

CVE-2023-54092

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

CVE-2023-54092 KVM: s390: pv: fix index value of replaced ASCE

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

CVE-2023-53987

The CVE-2023-53987 issue affects the Linux kernel’s ping handling, where a potential NULL dereference in /proc/net/icmp could be triggered by an incorrect use of Read-Copy-Update (RCU) for ping sockets. The root cause, as stated in multiple sources, is using RCU lookups instead of a spinlock for ...

PT-2025-53331

Name of the Vulnerable Software and Affected Versions Ross Video DashBoard version 8.5.1 Description An elevation of privileges issue exists in Ross Video DashBoard. Authenticated users can modify executable files because of incorrect permission settings. Attackers can leverage the 'M' or 'C' fla...

PT-2025-52520

Name of the Vulnerable Software and Affected Versions AspEmail version 5.6.0.2 Description The software contains a binary permission issue that allows local users to gain higher system access. An attacker can replace the service executable within the BIN directory, due to full write permissions, ...

Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2275 Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability December 19, 2025 CVE Number CVE-2025-57779 SUMMARY A privilege escalation vulnerability exists during the installation of Foxit PDF Editor via the Microsoft Store....