Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013220)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013220 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: hfsplus: remove WARNON from hfspluscatread,writeinode syzbot is hitting WARNON in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010782 advisory. In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to no failure path. Our syzbot instance reported memory leaks in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013156 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007304 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking...

PT-2026-33366

Name of the Vulnerable Software and Affected Versions Valtimo versions 13.0.0 through 13.21.0 Description The InboxHandlingService function handle in the inbox module logs the full content of every incoming inbox message at the INFO level. These messages may contain sensitive information, such as...

CVE-2026-40091 SpiceDB: SPICEDB_DATASTORE_CONN_URI is leaked on startup logs

SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through 1.51.0, when SpiceDB starts with log level info, the startup "configuration" log will include the full datastore DSN, including the plaintext password, inside...

CVE-2026-31416

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: account for netlink header size This is a followup to an old bug fix: NLMSGDONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the...

CVE-2026-31416

CVE-2026-31416 (Linux kernel) : Affected component is netfilter nfnetlink_log. The issue is caused by not accounting for the netlink header size when processing NL messages, which can lead to a WARN splat and potential drop of the affected netlink message, with no other ill effects reported in th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006693 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref BUG Syzbot reported several...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006660)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006660 advisory. In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the...

SUSE SLES15 Security Update : salt (SUSE-SU-2026:1028-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1028-1 advisory. - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS vi...

CVE-2026-23385

A flaw was found in the Linux kernel's netfilter nftables component. A local or privileged user could trigger a failing memory allocation during a set flush operation. This vulnerability, related to how nftables handles set cloning, can lead to a kernel warning WARN splat, potentially causing...

CVE-2026-23373

A flaw was found in the Linux kernel's wifi: rsi module. The rsimac80211config function's failure to default to a zero value can trigger a WARNON in the ieee80211hwconfinit function. This unexpected driver behavior may lead to system instability or other unforeseen operational issues...

CVE-2026-23355

A flaw was found in the Linux kernel's libata subsystem. This vulnerability occurs due to improper handling of deferred work. When ap-deferredqc is cleared, the associated queued work is not canceled, leading to the work being executed at an inappropriate time. This can result in a WARNON...

CVE-2026-23373

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsimac80211config This triggers a WARNON in ieee80211hwconfinit and isn't the expected behavior from the driver - other drivers default to 0 too...

CVE-2026-23380

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...

CVE-2026-23355

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

UBUNTU-CVE-2026-23385

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

UBUNTU-CVE-2026-23373

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsimac80211config This triggers a WARNON in ieee80211hwconfinit and isn't the expected behavior from the driver - other drivers default to 0 too...

CVE-2026-23380

CVE-2026-23380 (Linux kernel) describes a local vulnerability in tracing buffers memory management. When a process forks, the child’s VMAs copy the parent’s without incrementing user_mapped, so exiting both processes may cause tracing_buffers_mmap_close() to run twice; on the second call user_map...