Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989265)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989265 advisory. In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcpsockbind/connect Commits 8a4cd82d nfc: fix refcount leak in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990187 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989436 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails. Tenable...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989567 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated s...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990078)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990078 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCKRCUFREE earlier in udplibgetport. syzkaller triggered the warning 0 in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988701 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: Fix potential memory leak in fdpncisend fdpncisend will call fdpncii2cwrite that will n...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990348 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated s...

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

CVE-2025-12599

Multiple Devices are Sharing the Same Secrets for SDKSocket TCP/5000.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

EUVD-2025-37436

Multiple Devices are Sharing the Same Secrets for SDKSocket TCP/5000.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12599

Multiple Devices are Sharing the Same Secrets for SDKSocket TCP/5000.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12599 Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)

Multiple Devices are Sharing the Same Secrets for SDKSocket TCP/5000.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVE-2025-12599

The CVE affects Azure Access Technology BLU-IC2 and BLU-IC4 up to version 1.19.5, where multiple devices share the same SDKSocket key over TCP/5000. The root cause is the reuse of a shared SDKSocket secret, which can lead to unauthorized access or compromise of device communications (affecting co...

CVE-2025-12599 Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)

Multiple Devices are Sharing the Same Secrets for SDKSocket TCP/5000.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ax25: The unshare skbs operation was performed correctly in ax25kissrcv. Bernard Pidoux reported a regression that appeared to be caused by the commit c353e8983e0d “net: introduce per netns packet chains”. This commit introduced ...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tls: Handle the situation where data disappears from the TLS ULP. TLS assumes that it owns the receive queue of the TCP socket. This assumption cannot be guaranteed if the reader of the TCP socket entered before the TLS ULP was...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tls: Always refresh the queue when reading sock. After recent changes in net-next, TCP compacts skb much more aggressively. This uncovered a bug in TLS, where we might attempt to operate on an old skb when checking whether all sk...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tls: Make sure to abort the stream if the headers are invalid. Normally, we wait for the socket to buffer up the entire record before processing it. However, if the socket has a very small buffer, we read out the data sooner to...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixing the handling of server-side TLS alerts Scott Mayhew discovered a security exploit in NFS over TLS, specifically in the tlsalertrecv function. This exploit stemmed from a misunderstanding by the system that it could...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: BPF, ktls: Fixed data corruption when using bpfmsgpopdata in ktls. When sending plain-text data, we initially calculated the corresponding ciphertext length. However, if we later reduce the length of the plain-text data via...