Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006741 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will...

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

EUVD-2026-11507

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2026-1878

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2026-1878

The CVE-2026-1878 vulnerability affects the ASUS ROG peripheral driver installation process, where insufficient integrity verification and improper access control on the installation directory enable a race condition in which a legitimate installer can be replaced with a payload after download, l...

ASUS ROG peripheral driver 安全漏洞

The ASUS ROG peripheral driver is a driver for peripheral devices developed by ASUS, a Taiwanese company. The ASUS ROG peripheral driver contains a security vulnerability, which stems from improper access control in the installation directory. This vulnerability may allow for the execution of...

PT-2026-24911

An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...

CVE-2019-18216

The BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313 relies on the main battery instead of using a CMOS battery, which reduces the value of a protection mechanism in which booting from a USB device is prohibited. Attackers who have physical laptop access can exhaust...

AZL-72898 CVE-2025-68334 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally non-X SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 s2idle causes a crash, this support was dropped by the Xbox Ally...

EUVD-2021-28134

Malicious code in bioql PyPI...

EUVD-2025-29590

Malicious code in bioql PyPI...

CVE-2025-39824 HID: asus: fix UAF via HID_CLAIMED_INPUT validation

In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will eventually be called to set up the device with the input layer since the HIDCONNECTDEFAULT connect mask is used. During...

CVE-2025-39824

The CVE CVE-2025-39824 affects the Linux kernel HID subsystem. A crafted HID descriptor can trigger a use-after-free in hid_input handling during hidinput_connect() after hid_hw_start(), notably via ASUS HID devices (e.g., ASUS ROG N-Key keyboard). The root cause is that capability bitmaps may no...

CVE-2021-40981

ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory...

PT-2025-52662

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to platform/x86/amd/pmc support for the Van Gogh SoC. Specifically, the ROG Xbox Ally non-X SoC, which shares a similar architecture with the Ste...

PT-2025-37969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A user-after-free vulnerability exists in the Linux kernel related to HID Human Interface Device processing, specifically within the handling of ASUS ROG N-Key keyboards. A maliciously...

ASUS Armoury Crate Service Elevation of Privilege Vulnerability

ASUS Armoury Crate Service is a software utility program from ASUS, China. It is designed to provide centralized control over supported ROG gaming products. An elevation of privilege vulnerability exists in ASUS Armoury Crate Service versions prior to 5.3.4.1, which stems from an unprivileged IOC...