Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001956 advisory. The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001813 advisory. The rfcommsockrecvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002422)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002422 advisory. Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service list corruption and panic via a rapid series of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002141 advisory. The rfcommsockbind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003561 advisory. The irdasetsockopt function in net/irda/afirda.c and later in drivers/staging/irda/net/afirda.c in the Linux kernel before 4.17 allows local users to cause a denial ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002286 advisory. The evmupdateevmxattr function in security/integrity/evm/evmcrypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module EVM is enabled, allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002519)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002519 advisory. net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002450)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002450 advisory. crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002005)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002005 advisory. crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service NULL pointer dereference and system crash by using an AFALG socket...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003329 advisory. Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003087 advisory. An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8...

CVE-2025-68776

A flaw was found in the Linux kernel's High-availability Seamless Redundancy HSR networking component. This vulnerability occurs due to a missing NULL pointer check in the prpgetuntaggedframe function. An attacker could exploit this by triggering a scenario where a memory allocation fails, leadin...

CVE-2022-50925

Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send keyboard events through an exposed WebSocket on port 8082. Attackers can craft malicious web pages to inject keystrokes, opening applications and typing arbitrary text by sending specif...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113 crypto: af_alg - zero initialize memory allocated via sock_kmalloc

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

SUSE CVE-2025-71086

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...

MiracleLinux 3 : device-mapper-multipath-0.4.7-23.2.1AXS3 (AXSA:2009-47:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-47:01 advisory. device-mapper-multipath provides tools to manage multipath devices by instructing the device-mapper multipath kernel module what to do. Fixed bugs: CVE-2009-01...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001059)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001059 advisory. Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service list corruption and panic via a rapid series of...