Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990409 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas...

EUVD-2025-37893

A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988665 advisory. In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod platdev-dev-platformdata is released by...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989468 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989146)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989146 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: Fix kernel oops in btmtksdiointerrupt Fix the following kernel oops in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989471 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control fl...

CLSA-2025-1762269073 Fix CVE(s): CVE-2018-1000500, CVE-2022-28391, CVE-2023-39810

SECURITY UPDATE: missing SSL certificate validation vulnerability in wget - debian/patches/CVE-2018-1000500-1.patch: implement TLS verification with CENABLEFEATUREWGETOPENSSL - debian/patches/CVE 2018-1000500-2.patch: fix openssl options for cert verification - CVE-2018-1000500 SECURITY UPDATE:...

EUVD-2025-37717

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data...

CLSA-2025-1762171389 kernel: Fix of 15 CVEs

nfs: fix possible null-ptr-deref when parsing param CVE-2022-50455 - KVM: arm64: Disassociate vcpus from redistributor region on teardown CVE-2024-40989 - HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 - ALSA: usb-audio: Validate UAC3 cluster segment descriptors...

Recommended update of flake-pilot (moderate)

openSUSE security update: recommended update of flake-pilot ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20000-1 Rating: moderate References: bsc1248004 Cross-References: CVE-2025-55159 CVSS scores: CVE-2025-55159 SUSE : 5.8...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it WHAT hws was checked for null earlier in dce110blankstream, indicating hws can be null, and should be checked whenever it is used. cherry picked from commit...

IBM Tivoli Monitoring 路径遍历漏洞

IBM Tivoli Monitoring is a set of system monitoring solutions introduced by IBM, mainly used for real-time monitoring of system performance, availability and application status in the enterprise IT environment. A path traversal vulnerability exists in IBM Tivoli Monitoring that stems from not...

IBM Tivoli Monitoring 路径遍历漏洞

IBM Tivoli Monitoring is a set of system monitoring solutions introduced by IBM, mainly used for real-time monitoring of system performance, availability and application status in the enterprise IT environment. A path traversal vulnerability exists in IBM Tivoli Monitoring that stems from not...

kernel: crypto: seqiv - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...

tty: n_gsm: Don't block input queue by waiting MSC

...

Linux Distros Unpatched Vulnerability : CVE-2025-55754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If...

kernel: crypto: seqiv - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...

RLSA-2025:18298 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in...

RLSA-2025:18297 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CVE-2025-39751 kernel: crypto: seqiv - Handle...

EUVD-2025-35646

Not used...