Unity Linux 20.1070a Security Update: kernel (UTSA-2025-382063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-382063 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usbdeauthorizeinterface Among the attribute file callback routines in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-26934)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26934 advisory. - In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in...

openSUSE 15 Security Update : virtualbox (openSUSE-SU-2024:0364-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0364-1 advisory. Update to release 7.1.4: NAT: Fixed DHCP problems with certain guests when domain is empty VMSVGA: Improved flickering, black screen and other...

CLSA-2024-1724693366 kernel: Fix of 15 CVEs

net: ice: Fix potential NULL pointer dereference in icebridgesetlink CVE-2024-26855 - tty: Fix out-of-bound vmalloc access in imageblit CVE-2021-47383 - drm/vmwgfx: Fix invalid reads in fence signaled events CVE-2024-36960 - Revert: GFS2: Skip dlmunlock calls during unmount CVE-2024-38570 -...

CVE-2024-42085 usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIGUSBDWC3DUALROLE is selected, and trigger system to enter suspend status with below command: echo mem /sys/power/state There...

AlmaLinux 8 : kernel update (Medium) (ALSA-2024:3618)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3618 advisory. kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in vhost/vhost.c:vhostnewms...

CVE-2024-26934

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usbdeauthorizeinterface Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interfaceauthorizedstore function is the only one which acquires a device lock on an ancestor device: ...

CVE-2024-26933

CVE-2024-26933 is described in connected advisories as a Linux kernel USB core fix: it resolves a deadlock in the port "disable" sysfs attribute handling. The show/store callbacks for the disable sysfs file in port.c acquire the hub’s device lock, while removing a hub (and potentially changing it...