Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000624 advisory. Use-after-free vulnerability in the vhostnetsetbackend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002344)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002344 advisory. Use-after-free vulnerability in the vhostnetsetbackend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of...

DEBIAN-CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

UBUNTU-CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...

CLSA-2024-1705081601 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlinkcreateconntrack CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2dumpdetail CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client:...

kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system and could even lead to a kernel information leak problem.

...

The vulnerability of the vhost_net_set_backend function (drivers/vhost/net.c) in the Linux kernel’s virtio subcomponent allows a attacker to cause a service failure and expose sensitive information.

The vulnerability of the vhostnetsetbackend function drivers/vhost/net.c in the Linux kernel’s virtio subcomponent is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure and expose sensitive information...

DEBIAN-CVE-2023-1838

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem...

kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field

A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to perform ioctl2 cal...

kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field

A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to perform ioctl2 cal...

UBUNTU-CVE-2013-4127

Use-after-free vulnerability in the vhostnetsetbackend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service OOPS and system crash via vectors involving powering on a virtual machine...