1004 matches found
EUVD-2025-209671
In the Linux kernel, the following vulnerability has been resolved: hfsplus: ensure sb-sfsinfo is always cleaned up When hfsplus was converted to the new mount api a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been...
perl: Fix of CVE-2018-12015
CVE-2018-12015: Archive::Tar path traversal — remove existing block-device or out-of-CWD symlink targets before overwriting during extraction...
Ubuntu Pro Realtime 24.04 LTS : Linux kernel (Raspberry Pi Real-time) vulnerabilities (USN-8204-1)
"The remote Ubuntu Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8204-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013741 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011365)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011365 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010866)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010866 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after u...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007337)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007337 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: call genlunregisterfamily first in nbdcleanup Otherwise there may be race between module...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007539)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007539 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbdstartdeviceioctl syzbot reported hung task 1. The followi...
ROS-20260403-73-0040
A vulnerability in the drbd/drbdreceiver.c driver of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260403-73-0006
A vulnerability in the setblocksize function of the block/bdev.c module of the Linux kernel block layer is related to null pointer dereferencing. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
Linux Distros Unpatched Vulnerability : CVE-2026-5165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resultin...
virtio-win 安全漏洞
virtio-win is an open-source virtual machine simulation software developed by virtio-win. virtio-win has a security vulnerability, which stems from improper memory management during the reset of VirtIO Block devices. This vulnerability may lead to reuse of freed resources after release, as well a...
drbd: fix null-pointer dereference on local read error
...
CVE-2026-23356
A flaw was found in the Linux kernel's Distributed Replicated Block Device DRBD component. A logic error in the drbdalbeginiononblock function can lead to a race condition during active resynchronization. This can result in a system crash, causing a Denial of Service DoS, due to the incorrect...
SUSE CVE-2026-23285
In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...
SUSE CVE-2026-23356
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...
EUVD-2026-15331
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...
CVE-2026-23285
In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...
CVE-2026-23356
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...
UBUNTU-CVE-2026-23356
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...