kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

MiracleLinux 3 : nfs-utils-1.0.9-42.1AXS3 (AXSA:2009-391:02)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-391:02 advisory. The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional...

ROS-20260119-7352

A vulnerability in the jointransaction function of the fs/btrfs/transaction.c module of the Linux kernel btrfs file system support is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of...

ROS-20260119-7369

A vulnerability in the nfsacldprocgetacl and nfsd3procgetacl functions of the fs/nfsd/nfs2acl.c module of the Linux kernel NFS network file system support is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...

ROS-20260119-7389

A vulnerability in the ubifsdumptnc function of the UBIFS file system fs/ubifs/debug.c of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Microsoft Windows NTFS Code Execution Vulnerability (CNVD-2026-17156)

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...

Microsoft Windows NTFS Code Execution Vulnerability

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...

EUVD-2026-2923

RustFS is a distributed object storage system built in Rust. From = 1.0.0-alpha.1 to 1.0.0-alpha.79, invalid RPC signatures cause the server to log the shared HMAC secret and expected signature, which exposes the secret to log readers and enables forged RPC calls. In...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000655 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

MiracleLinux 7 : samba-4.6.2-11.el7 (AXSA:2017-2305:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2305:06 advisory. It was found that samba did not enforce SMB signing when certain configuration options were enabled. A remote attacker could launch a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001103)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001103 advisory. The sanitycheckckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain...

MiracleLinux 4 : busybox-1.15.1-20.AXS4 (AXSA:2014-023:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-023:01 advisory. Busybox is a single binary which includes versions of a large number of system commands, including a shell. This package can be very useful for recovering fro...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001114 advisory. Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003969)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003969 advisory. A use after free in the Linux kernel File System notify functionality was found in the way user triggers copyinforecordstouser call to fail in copyeventtouser. A loc...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001521 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001201 advisory. The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service system crash via a long RPC...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000583 advisory. The dwalk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of renamelock, which allows local users to cause a deni...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000650)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000650 advisory. The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003873)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003873 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfsdautomount When mounting from a NFSv4 referral, path-dentry can end up bei...