180 matches found
CVE-2023-54313 ovl: fix null pointer dereference in ovl_get_acl_rcu()
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...
CVE-2023-53856
In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call ofchangesetinit early When ofoverlayfdtapply fails, the changeset may be partially applied, and the caller is still expected to call ofoverlayremove to clean up this partial state. However, ofoverlayapply calls...
CVE-2023-53856
In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call ofchangesetinit early When ofoverlayfdtapply fails, the changeset may be partially applied, and the caller is still expected to call ofoverlayremove to clean up this partial state. However, ofoverlayapply calls...
Linux Distros Unpatched Vulnerability : CVE-2025-40237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to...
EUVD-2025-201222
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
CVE-2025-40237 fs/notify: call exportfs_encode_fid with s_umount
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
EUVD-2025-150374
In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2024-56570)
In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors...
Linux Distros Unpatched Vulnerability : CVE-2025-40200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a WARNING in ovlcopyupfile in overlayfs. This warning is ultimately caused because t...
CVE-2025-40200
In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990096)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990096 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate -...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988911 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate -...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990383)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990383 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird functio...
Exploit for CVE-2015-1328
CVE-2015-1328 Proof of Concept A Proof of Concept PoC explo...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987587 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate -...
EUVD-2015-8809
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414321)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414321 advisory. A use-after-free flaw was found in the Linux kernels Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This...
EUVD-2023-59824
Malicious code in bioql PyPI...
USN-7802-1 linux-azure, linux-azure-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7779-1 linux-ibm, linux-ibm-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...