Security update for the Linux Kernel

The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1234863. CVE-2024-57891: schedext: Fix invalid irq restore in scxopsbypass...

USN-7835-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-5 linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7863-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7863-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

RLSA-2025:19105 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730 kernel: ALSA: hda/ca0132: Fix buffe...

CVE-2025-64108

Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected fil...

CVE-2025-43446

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to modify protected parts of the file system...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988919)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988919 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfsreadinodemount invokes ntfsmallocnofs with zero...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989943)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989943 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989521 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: don't BUG if someone dirty pages without asking ext4 first unpinuserpagesremote is dirtying...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989179)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989179 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtreet for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989212)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989212 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udfsymlink function In function udfsymlink, epos.bh is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989361 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fsdozerorange As Yanming reported in bugzilla:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989419)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989419 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989612 advisory. In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't accou...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989647 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988855)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988855 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journalhead from bufferhead Encountered a ra...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989285)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989285 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon ext4mbuseinodepa Hulk Robot reported a BUGON:...