Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992836)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992836 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d NFS:...

Linux Distros Unpatched Vulnerability : CVE-2023-54313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck...

CVE-2025-15113

Ksenia Security lares legacy model Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary...

CVE-2025-15113

Ksenia Security Lares 4.0 Home Automation (version 1.6) is affected by CVE-2025-15113 due to an unprotected endpoint that lets authenticated attackers upload MPFS File System binary images. This can overwrite flash memory and potentially execute arbitrary code on the web server. Exploitation deta...

CVE-2025-15113 Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload

Ksenia Security lares legacy model Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary...

EUVD-2023-60528

In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...

EUVD-2023-60383

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...

EUVD-2023-60445

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL pointer dereference in 'niwriteinode' Syzbot found the following issue: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000016 Mem abort info: ESR = 0x0000000096000006 EC = 0x25:...

EUVD-2023-60447

In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmallocarray/kvfree instead of kmallocarray/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmallocarray due to system memory fragmentation, while t...

EUVD-2023-60454

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b "ext4: Fix possible corruption when moving a directory"...

EUVD-2022-55842

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifssesaddchannel Before return, should free the xid, otherwise, the xid will be leaked...

EUVD-2022-55837

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

EUVD-2022-55845

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in nfs4discovertrunking...

EUVD-2022-55829

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in rpage When PAGESIZE is 64K, if readlogpage is called by logreadrst for the first time, the size of buffer would be equal to DefaultLogPageSize4K.But for buffer operations like memcpy, if the...

CVE-2023-54305

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

CVE-2023-54194

In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmallocarray/kvfree instead of kmallocarray/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmallocarray due to system memory fragmentation, while t...

CVE-2023-54185

In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUGON's in addnewfreespace At addnewfreespace we have these BUGON's that are there to deal with any failure to add free space to the in memory free space cache. Such failures are mostly -ENOMEM that should be very...

UBUNTU-CVE-2023-54311

In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4finishconvertinlinedir can self-deadlock by calling ext4handledirtydirblock when it already has taken the directory lock. There is a...