Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992987 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: fix strpinit order and cleanup strpinit is called just a few lines above this csk-skuserdata...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993087 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993193 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...

EUVD-2023-60465

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

EUVD-2022-55911

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

EUVD-2022-55844

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

EUVD-2022-55860

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

EUVD-2022-55866

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilcmacxmit The wilcmacxmit returns NETDEVTXOK without freeing skb, add devkfreeskb to fix it. Compile tested only...

EUVD-2022-55881

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

CVE-2022-50854

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

UBUNTU-CVE-2023-54226

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races around sk-skshutdown. KCSAN found a data race around sk-skshutdown where unixreleasesock and unixshutdown update it under unixstatelock, OTOH unixpoll and unixdgrampoll read it locklessly. We need to annota...

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

UBUNTU-CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

CVE-2022-50854

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

CVE-2022-50863

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode...