41 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988916 advisory. In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed...
CVE-2025-41724 Sauter: Crash via Incomplete SOAP Request
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again...
SUSE CVE-2022-49519
In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed when FW recovery caused by wmi timeout/crash is followed by immediate suspend event. The FW recovery is triggered by ath10k_core_restar...
UBUNTU-CVE-2022-49519
In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed when FW recovery caused by wmi timeout/crash is followed by immediate suspend event. The FW recovery is triggered by ath10k_core_restar...
CVE-2022-49519
The CVE-2022-49519 issue concerns the Linux kernel wireless driver ath10k. A double invocation of ath10k_halt during a suspend sequence could occur when FW recovery triggered by ath10k_core_restart() interleaves with suspend, freezing the restart worker and causing ath10k_htt_rx_free() to be free...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a double call to ath10k_halt triggered by a suspend event when the driver state is RESTARTING, resulting in a...
UBUNTU-CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-37386
An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.2...
Disable Restart Button While Desktops are Restarting
This article describes how to configure the StoreFront to ignore clicks on “Restart” while desktop is powering off and while it is powering on again. Background When the user’s desktop is restarting, there might be issues if they repeatedly click on the desktop...
CVE-2024-32936 media: ti: j721e-csi2rx: Fix races while restarting DMA
In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: Fix races while restarting DMA After the frame is submitted to DMA, it may happen that the submitted list is not updated soon enough, and the DMA callback is triggered before that. This can lead to kernel...
Virtuozzo Hybrid Infrastructure 6.0 Update 1 Hotfix 3 (6.0.1-89)
This update provides stability improvements. Vulnerability id: VSTOR-82695 Deploying a Kubernetes cluster may take longer than expected. Vulnerability id: VSTOR-82730 Restarting libvirtd causes EFI VMs to reboot...
CVE-2024-21771
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. Note: Software versions which have reached End of Technical Support (EoTS) are no...
Design/Logic Flaw
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service (DoS) condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...
GHSA-XV83-X443-7RMW HTML injection in search results via plaintext message highlighting
Impact Plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload. Cross-site scripting is possible by including resources from recaptcha.net and...
Authorization
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions such as daemon...
K73657294: BIG-IP APM VDI plugin vulnerability CVE-2020-27722
Security Advisory Description Under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption. CVE-2020-27722 Impact This affects only a BIG-IP APM virtual server configured with a Virtual Desktop Infrastructure (VDI) profile. Your BIG-I...
GSD-2022-1002818 ath10k: skip ath10k_halt during suspend for driver state RESTARTING
ath10k: skip ath10k_halt during suspend for driver state RESTARTING This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
GHSA-JJGH-M322-FJX6 Openstack Octavia Access Control Vulnerability
Description An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if...
CVE-2022-24666
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...
dnf-plugins-core bug fix update
The dnf-plugins-core packages provide core plugins for YUM4. They add these commands: builddep, config-manager, copr, debug, debuginfo-install, download, needs-restarting, repoclosure, repograph, repomanage, and reposync. Bug Fixes and Enhancements: "needs-restarting -r" not notifying kernel...