python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990889)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990889 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...

sudo-rs -- Partial password reveal when password timeout occurs

Trifecta Tech Foundation reports: When typing partial passwords but not pressing return for a long time, a password timeout can occur. When this happens, the keys pressed are replayed onto the console...

sudo-rs 安全漏洞

sudo-rs is an open source memory security implementation of sudo and su by Trifecta Tech Foundation. A security vulnerability exists in sudo-rs version 0.2.7 through versions prior to 0.2.10, which stems from the echoing of typed characters after a password timeout, which could lead to partial...

kernel: can: isotp: split tx timer into transmission and timeout

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frame...

kernel: RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the warning "rxecleanup+0x12c/0x170 rdmarxe" The Call Trace is as below: " ? showregs.cold+0x1a/0x1f ? rxecleanup+0x12c/0x170 rdmarxe ? warn+0x84/0xd0 ? rxecleanup+0x12c/0x170 rdmarxe ? reportbug+0x105/0x180 ?...

USN-7867-1: sudo-rs vulnerabilities

It was discovered that sudo-rs incorrectly handled passwords when timeouts occurred and the pwfeedback default was not set. This could result in a partially typed password being output to standard input, contrary to expectations. It was discovered that sudo-rs incorrectly handled the targetpw and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988975)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988975 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling scoconn and use-after-free in scosocktimeout Connecting the same socket...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990157 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989472 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpfastopenblackholetimeout. While reading...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989150)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989150 advisory. In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990315 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: mask irqs in timeout path before hard reset There is a race condition in which a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990286 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989995 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988710 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989401 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/lima: mask irqs in timeout path before hard reset There is a race condition in which a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988699 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdmatransferinit If the function sdmaloadconte...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989697 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988995 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing ...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system crashes during resuming due to watchdog timeout...