Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986899)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986899 advisory. In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenc...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987284 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling scoconn and use-after-free in scosocktimeout Connecting the same socket...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986797 advisory. In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-436290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-436290 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing...

SUSE CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

SUSE CVE-2023-53590

In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctpstreampriorities to avoid a nested loop With this refcnt added in sctpstreampriorities, we don't need to traverse all streams to check if the prio is used by other streams when freeing one stream's prio ...

SUSE CVE-2023-53601

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

UBUNTU-CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...

UBUNTU-CVE-2023-53585

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53601 bonding: do not assume skb mac_header is set

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53601 bonding: do not assume skb mac_header is set

In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb macheader is set Drivers must not assume in their ndostartxmit that skbs have their macheader set. skb-data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...

CVE-2023-53600 tunnels: fix kasan splat when generating ipv4 pmtu error

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ipcomputecsum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53585 bpf: reject unhashed sockets in bpf_sk_assign

In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. The function therefore needs to make...

CVE-2023-53578

Linux kernel CVE-2023-53578 affects the qrtr path, where an uninit access occurs in qrtr_tx_resume() due to skb->len potentially being smaller than sizeof(struct qrtr_ctrl_pkt) when QRTR_TYPE_RESUME_TX is processed. The vulnerability arises in qrtr_endpoint_post() during syzbot scenarios, trig...

CVE-2023-53578 net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...

CVE-2023-53578 net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...

CVE-2023-53559 ip_vti: fix potential slab-use-after-free in decode_session6

In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...