net: openvswitch: fix middle attribute validation in push_nsh() action
...
CVE-2025-71096
An uninitialized memory read flaw was found in the Linux kernel's RDMA netlink subsystem. When processing IP resolution responses (RDMA_NL_LS_OP_IP_RESOLVE), the code did not properly validate that the required LS_NLA_TYPE_DGID attribute was present. A malformed userspace netlink message missing this...
SUSE CVE-2025-68785
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh() action. The push_nsh() action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_NSH_KEY_ATTR_BASE,...)) The outermost OVS_ACTION_ATTR_PUSH_NSH attribute is OK'ed by the...
CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback. Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 [#1] SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 #1 PREEMPT(full) Hardware...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002777)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002777 advisory. In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002281 advisory. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002742 advisory. In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001980)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001980 advisory. Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003288)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003288 advisory. In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station wh...
Pimcore access control vulnerability
Pimcore is an open-source web content management platform developed by the Austrian company Pimcore. This platform integrates applications such as web content management, e-commerce frameworks, and product information management. Pimcore has a security vulnerability related to access control, whi...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003407)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003407 advisory. In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002250)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002250 advisory. The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002591 advisory. Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002535 advisory. An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode is call...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002658)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002658 advisory. In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002864 advisory. An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs...
CVE-2025-68806
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length. The smb2_set_ea function, which handles Extended Attributes (EA), was performing buffer validation checks that incorrectly omitted the size of the null...
CVE-2025-71164
Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the Editing component. The images parameter (submitted as images in a POST request) is reflected into an HTML href attribute without proper context-aware output encoding in...
CVE-2025-68785
A slab-out-of-bounds read vulnerability was found in the Linux kernel's Open vSwitch (OVS) module. The push_nsh() action does not validate the middle nested attribute (OVS_KEY_ATTR_NSH) between the outer action and inner key attributes. When the middle attribute has an incorrect size, the nla_data unwrap...
CVE-2026-22855
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...