Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989468 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the byte count in sendmsg in siwtcpsendpages. Since the commit c2ff29e99a76 “siw: Inline dotcpsendpages”, we have been fixing this issue as follows: c static int siwtcpsendpagesstruct socket s, struct page page, i...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: atm: clip: Fixed NULL pointer dereferencing in vccsendmsg atmarpddevops does not implement the send method, which may cause crashes as described below. BUG: NULL pointer dereferencing in the kernel, address: 0000000000000000 P...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Handling of Values (CVE-2024-46783)

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987644 advisory. In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotpsendmsg: add result check for waiteventinterruptible Using waiteventinterruptibl...

AZL-76437 CVE-2025-39964 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

CVE-2025-39964 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

EUVD-2025-31838

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carrie...

EUVD-2006-6637

Malware in sbrugna...

EUVD-2020-28586

Malware in sbrugna...

EUVD-2001-0975

Malware in sbrugna...

EUVD-2005-2491

Malware in sbrugna...

EUVD-2008-5277

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986334 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tpip6sendmsg When len = INTMAX - transhdrlen, ulen = len +...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-738528)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-738528 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx-numdescs off-by-one error Unfortunately the commit fd8958efe877 introduced...

crypto: af_alg - Set merge to zero early in af_alg_sendmsg

...

EUVD-2025-32402

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

UBUNTU-CVE-2025-39931

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

CVE-2025-39931

The CVE-2025-39931 entry concerns the Linux kernel crypto/af_alg subsystem. The vulnerability occurs in af_alg_sendmsg: if an error causes the call to abort, ctx->merge may contain a garbage value from the previous loop, which can trigger a crash on the next entry into af_alg_sendmsg when atte...