ROS-20251201-02

A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...

PT-2025-51674

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ext4 filesystem implementation. Specifically, a race condition exists between inline data destruction and block mapping within the ext4 destroy...

SUSE-SU-2025:21064-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by...

Linux Distros Unpatched Vulnerability : CVE-2022-50581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfs: fix OOB Read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-boun...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

TencentOS Server 2: kernel (TSSA-2025:0436)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0436 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: kernel (TSSA-2025:0434)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0434 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 4: kernel (TSSA-2025:0432)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0432 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

kernel: smb: client: fix use-after-free in cifs_oplock_break

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

PT-2026-2535

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel’s Network File System daemon NFSD related to handling Access Control Lists ACLs during NFSv4 file creation. Specifically, when an NFSv4 client attempt...

SUSE CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

PT-2026-2499

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the S IFMT bits of inode-i mode can become invalid when the S IFMT bits of the "mode" field loaded from disk are corrupted. This occurs because t...

ext4: guard against EA inode refcount underflow in xattr update

...

Squashfs: reject negative file sizes in squashfs_read_inode()

...

SUSE CVE-2025-40137

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...

SUSE CVE-2025-40167

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

SUSE CVE-2025-40200

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990924 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed inline inodes i...

CVE-2025-40167

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

SUSE-SU-2025:21056-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missi...