Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986891 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986730 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986307 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in iamoduleexit This module's remove path calls deltimer...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-388201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-388201 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from syncprintobj Since commit a6aa8fca4d79 dma-buf/sw-sync:...

SUSE CVE-2023-53587

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible maybe not in a real system, but it did happen in ARCH=um with time-travel to destroy the...

smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

...

UBUNTU-CVE-2023-53552

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915requests may be trapped by userspace inside a syncfile or dmabuf dma-resv and held indefinitely across different proceses. To counter-act t...

EUVD-2025-32383

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

AZL-75170 CVE-2025-39945 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945

The CVE-2025-39945 entry concerns a race in the Linux kernel cnic subsystem where a use-after-free can occur if a delayed work item (delete_task) remains active during cnic_dev deallocation. The root cause is that cancel_delayed_work() does not guarantee the delayed work item has finished if it i...

CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2synctstamp The original code relies on canceldelayedwork in otx2ptpdestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already runnin...

CVE-2025-39944

CVE-2025-39944 affects the Linux kernel OcteonTX2 PCI device driver (octeontx2-pf). It fixes a use-after-free in otx2_sync_tstamp() caused by a race with a running delayed work item; cancel_delayed_work() could leave synctstamp_work dereferencing a freed otx2_ptp. The mitigation in the fix is to ...

CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2synctstamp The original code relies on canceldelayedwork in otx2ptpdestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already runnin...

EUVD-2023-59711

Malicious code in bioql PyPI...

EUVD-2025-11688

Malicious code in bioql PyPI...

EUVD-2024-0926

Malicious code in bioql PyPI...

EUVD-2025-12072

Malicious code in bioql PyPI...

EUVD-2025-8009

Malicious code in bioql PyPI...