Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002352 advisory. The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003405 advisory. The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002092 advisory. The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000998)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000998 advisory. The cipsov4validate function in net/ipv4/cipsoipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service NULL pointer dereference and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000864)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000864 advisory. The socksetsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cau...

SUSE CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

UBUNTU-CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35967)

Bluetooth: SCO: Fix not validating setsockopt user input This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503473; scriptversion"1.2";...

Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2025-21711)

net/rose: prevent integer overflows in rosesetsockopt This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503507; scriptversion"1.2";...

Siemens SIMATIC Devices Classic Buffer Overflow (CVE-2024-35965)

Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2022-50531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize...

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

SUSE CVE-2022-50531

In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize sub.usrhandle in tipctopsrvkernsubscr, otherwise four bytes remain uninitialized when issuing setsockopt..., SOLTIPC, .... This resulted in an...

CLSA-2025-1759866837 kernel: Fix of 44 CVEs

mm: zswap: fix missing folio cleanup in writeback race path CVE-2024-26832 - mm: fix zswap writeback race condition CVE-2023-53178 - dm array: fix releasing a faulty array block twice in dmarraycursorend CVE-2024-57929 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - gpio:...

CVE-2022-50531

The CVE-2022-50531 issue is in the Linux kernel Tipc subsystem where an 4-byte portion of sub.usr_handle remained uninitialized when handling setsockopt for SOL_TIPC, causing a kernel infoleak detected by KMSAN. The fixed version initializes sub.usr_handle with an 8-byte write in tipc_topsrv_kern...

CVE-2022-50531 tipc: fix an information leak in tipc_topsrv_kern_subscr

In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize sub.usrhandle in tipctopsrvkernsubscr, otherwise four bytes remain uninitialized when issuing setsockopt..., SOLTIPC, .... This resulted in an...

EUVD-2001-1374

Malware in sbrugna...

EUVD-2007-1350

Malware in sbrugna...

EUVD-2013-4087

Malware in sbrugna...