5172 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001836)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001836 advisory. The ext4fillsuper function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003093)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003093 advisory. The ext4validblockbitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service out-of-bounds read and system...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002636 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4getgroupinfo function, a denial of service, and a system...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002925 advisory. Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4xattrsetentry function. An attacker could exploit this by operating on a mounte...
CVE-2025-68820
A NULL pointer dereference vulnerability was found in the Linux kernel's ext4 filesystem extended attribute handling. When ext4getinodeloc fails with an error such as -EFSCORRUPTED, the iloc.bh buffer head remains NULL. The ext4xattrinodedecrefall function lacks error checking and proceeds to cal...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
UBUNTU-CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71123 ext4: fix string copying in parse_apply_sb_mount_options()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71123 ext4: fix string copying in parse_apply_sb_mount_options()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000880)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000880 advisory. The ext4fillsuper function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001605 advisory. Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4extdroprefs function when operating on a crafted ext4 filesystem image. Tenable has...
Linux Distros Unpatched Vulnerability : CVE-2025-71123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a...
CVE-2025-68820
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...
CVE-2025-68820
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...
UBUNTU-CVE-2025-68820
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...
CVE-2025-68820 ext4: xattr: fix null pointer deref in ext4_raw_inode()
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...
CVE-2025-68820
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...