Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992318 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes...

EUVD-2025-2588

Malicious code in bioql PyPI...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1422)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : filemap: avoid truncating 64-bit offset to 32 bitsCVE-2025-21665 iomap: avoid avoid truncating 64-bit offset to 32 bitsCVE-2025-21667 fs/proc: fix...

CVE-2022-49637

CVE-2022-49637 affects the Linux kernel: a data race in ipv4 sysctl_fib_sync_mem when read while written. Root cause is concurrent access to sysctl_fib_sync_mem; fix is to add READ_ONCE() around reads. Impact is local (kernel-level) with potential availability disruption; remediation is applying ...

CVE-2025-21639 sctp: sysctl: rto_min/max: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVE-2025-21637

The provided Connected documents confirm CVE-2025-21637 concerns the Linux kernel SCTP sysctl handling of udp_port, where the code path uses current->nsproxy, risking incorrect netns context and potential null dereference. The issue is described as due to accessing net/ns data via the current ...

CVE-2025-21636 sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...

UBUNTU-CVE-2024-42312

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...

GSD-2022-1004405 sysctl: Fix data races in proc_douintvec().

sysctl: Fix data races in procdouintvec. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit...