runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002652)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002652 advisory. A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1029)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: ses: Fix slab-out-of-bounds in sesintfremoveCVE-2023-53521 binfmtmisc: fix shift-out-of-bounds in checkspecialflagsCVE-2022-50497 scsi: lpfc...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001820)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001820 advisory. The dofollowlink function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, whi...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002129 advisory. The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001859)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001859 advisory. The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003142 advisory. Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002709 advisory. The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privilege...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002754 advisory. An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service out-of- bounds memory access and BUG can occur upon encountering an...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003460 advisory. A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003466)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003466 advisory. The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002553 advisory. In the eaget function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002715)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002715 advisory. A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003173 advisory. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002779 advisory. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002662 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003381 advisory. An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service out-of- bounds memory access and BUG can occur upon encountering an...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003232)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003232 advisory. The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002202)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002202 advisory. Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002739 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...