Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986948 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if ...

PT-2025-41082

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue in the octep probe function. If the function fails to retrieve a device's MAC address, it exits while leaving a delayed work item, intr...

kernel: security/keys: fix slab-out-of-bounds in key_task_permission

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in keytaskpermission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in kuidval include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uideq include/linux/uidgid.h:63...

EUVD-2025-32471

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The manipulation of the argument txtMin2 leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: security/keys: fix slab-out-of-bounds in keytaskpermission CVE-2024-50301 kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush CVE-2025-38351 kernel: wifi: ath12k:...

CVE-2025-11305

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The manipulation of the argument txtMin2 leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVE-2025-11305 UTT HiPER 840G formTaskEdit strcpy buffer overflow

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The manipulation of the argument txtMin2 leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

cnic: Fix use-after-free bugs in cnic_delete_task

...

SUSE CVE-2023-53549

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch...

SUSE CVE-2023-53563

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver After loading the amd-pstate-ut driver, amdpstateutcheckperf and amdpstateutcheckfreq use cpufreqcpuget to get the policy of the CPU and mark it as busy. In these...

SUSE CVE-2025-39945

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2023-53608

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfsscinfo in nilfssegctorthread The finalization of nilfssegctorthread can race with nilfssegctorkillthread which terminates that thread, potentially causing a use-after-free BUG as KASAN...

CVE-2023-53549

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch...

UBUNTU-CVE-2023-53549

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch...

CVE-2023-53608 nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfsscinfo in nilfssegctorthread The finalization of nilfssegctorthread can race with nilfssegctorkillthread which terminates that thread, potentially causing a use-after-free BUG as KASAN...

CVE-2023-53563 cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver After loading the amd-pstate-ut driver, amdpstateutcheckperf and amdpstateutcheckfreq use cpufreqcpuget to get the policy of the CPU and mark it as busy. In these...

CVE-2025-7721

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.7.3 via the task parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...

EUVD-2025-32383

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

AZL-68163 CVE-2025-39945 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...