Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987317 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/syncfile: Don't leak fences on merge failure Each addfence call does a dmafenceget on the...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-388201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-388201 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from syncprintobj Since commit a6aa8fca4d79 dma-buf/sw-sync:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987313 advisory. In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986940)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986940 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling deltimersync This driver's remove path calls...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-386530)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386530 advisory. In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv-timeout timer There may be some a race conditio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987260)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987260 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-381917)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381917 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before module remove If we remove the module which will call...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986307 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in iamoduleexit This module's remove path calls deltimer...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986891 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986730 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986568)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986568 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstarcleanup This module's remove path calls...

SUSE CVE-2023-53587

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible maybe not in a real system, but it did happen in ARCH=um with time-travel to destroy the...

smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

...

UBUNTU-CVE-2023-53552

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915requests may be trapped by userspace inside a syncfile or dmabuf dma-resv and held indefinitely across different proceses. To counter-act t...

EUVD-2025-32383

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

AZL-75170 CVE-2025-39945 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945

The CVE-2025-39945 entry concerns a race in the Linux kernel cnic subsystem where a use-after-free can occur if a delayed work item (delete_task) remains active during cnic_dev deallocation. The root cause is that cancel_delayed_work() does not guarantee the delayed work item has finished if it i...

CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2synctstamp The original code relies on canceldelayedwork in otx2ptpdestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already runnin...