Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990048 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989139)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989139 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer lis...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989571 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port A pending hrtime...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988676 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: prevent dismantle issue For some reason, fqpiedestroy did not copy working code...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989298)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989298 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling deltimersync This driver's remove path calls...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y The syzbot reported a warning in esttimer 1. The problem arises from the fact that when CONFIGPREEMPTRT=y is enabled, timer callbacks can be preempted...

OESA-2025-2551 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:sunrpc: fix one UAF issue caused by sunrpc kernel tcp socketBUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0Read of size 1 at addr...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7853-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7853-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7853-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1 linux-kvm vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1: Linux kernel (KVM) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING

...

CentOS 9 : kernel-5.14.0-631.el9

"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-631.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported t...

Siemens SIMATIC Devices Improper Initialization (CVE-2024-35910)

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

SUSE CVE-2023-53728

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...

Linux Distros Unpatched Vulnerability : CVE-2022-50563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in...

Linux Distros Unpatched Vulnerability : CVE-2025-39994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed...

Linux Distros Unpatched Vulnerability : CVE-2023-53728

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by th...