Regular Expression Denial of Service (ReDoS)

Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the contextMatcher and pathMatcher functions. An attacker can cause the server to become unresponsive and exhaust CPU...

CVE-2026-3298

CVE-2026-3298 describes an out-of-bounds write in Windows-only asyncio.ProacterEventLoop.sock_recvfrom_into() when using the nbytes parameter. The root cause is a missing boundary check for the destination data buffer, enabling a write past the buffer size if incoming data exceeds it. Non-Windows...

CVE-2026-3298

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011028)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011028 advisory. In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context TX/RX callback handlers ntbnetdevtxhandler,...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011219)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011219 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013129 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011374)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011374 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013342 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races around sk-skshutdown. KCSAN found a data race around sk-skshutdown where...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007042)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007042 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011294 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Oracle多款产品 安全漏洞

Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010853)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010853 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010752 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011100)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011100 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspac...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013216 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013252 advisory. atalkcreate in net/appletalk/ddp.c in the AFAPPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged user...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011111)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011111 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013041 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspac...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013379 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG:...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006986)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006986 advisory. In the Linux kernel, the following vulnerability has been resolved: net, hsr: reject HSR frame if skb can't hold tag Receiving HSR frame with insufficient space to...