UBUNTU-CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

CLSA-2026-1778276927 kernel: Fix of 33 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...

CLSA-2026-1777616064 kernel: Fix of 260 CVEs

crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011108 advisory. In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: fix shift-out-of-bounds in checkspecialflags UBSAN reported a shift-out-of-bounds...

kernel: Fix of 10 CVEs

ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...

CLSA-2026-1773044010 kernel: Fix of 10 CVEs

ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...

CLSA-2026-1771077729 kernel: Fix of 107 CVEs

net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...

CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

UBUNTU-CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

EUVD-2022-55657

In the Linux kernel, the following vulnerability has been resolved: btrfs: call btrfsremovefreespacecachelocked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------ cut here ------------ WARNING: CPU:...

CVE-2022-50497 binfmt_misc: fix shift-out-of-bounds in check_special_flags

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: fix shift-out-of-bounds in checkspecialflags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: dumpstack lib/dumpstack.c:88 inline...

SUSE CVE-2020-27534

util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...