Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005534 advisory. In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between eviceinodes and findinode&iput Hi, all Recently I noticed a bug1 in btrfs,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005431)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005431 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfsroot in dirtying inodes via iput During unmount process of...

RHEL 8 : kernel (RHSA-2026:3360)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3360 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: RDMA/core: Fix KASAN:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005411 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the...

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

USN-8056-1 u-boot vulnerabilities

Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this issue to obtain sensitive memory contents. CVE-2024-42040 It was discovered that U-Boot incorrectly handled symlink size calculations in squashfs file systems...

USN-8056-1: U-Boot vulnerabilities

Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this issue to obtain sensitive memory contents. CVE-2024-42040 It was discovered that U-Boot incorrectly handled symlink size calculations in squashfs file systems...

Ubuntu 22.04 LTS / 24.04 LTS : U-Boot vulnerabilities (USN-8056-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8056-1 advisory. Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this iss...

CVE-2026-23214

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only BUG There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount: BTRFS: Transaction...

SUSE CVE-2026-23145

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...

SUSE CVE-2026-23157

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages BUG There is an internal report that over 1000 processes are waiting at the ioscheduletimeout of balancedirtypages, causing a system hang and trigger...

SUSE CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

Siemens SIMATIC S7-1500 Use After Free (CVE-2025-39866)

"In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use- after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2025-39697)

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfslockandjoinrequests tests for whether the request is still attached to the mapping, nothing prevents a call to nfsinoderemoverequest from succeeding until we actually lock...

CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

UBUNTU-CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...