Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013126)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013126 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadloc...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006664 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via nodeonlineNUMANONODE KASAN reports: 4.668325 T0 BUG:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001217)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001217 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002637 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

CVE-2022-50668 ext4: fix deadlock due to mbcache entry corruption

In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4xattrblockset where we constantly keep finding xattr block for reuse in mbcache but we are unable to...

io_uring/io-wq: Use set_bit() and test_bit() at worker->flags

...

CVE-2023-53474 x86/MCE/AMD: Use an u64 for bank_map

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bankmap Thee maximum number of MCA banks is 64 MAXNRBANKS, see a0bc32b3cacf "x86/mce: Increase maximum number of banks to 64". However, the bankmap which contains a bitfield of which banks to initializ...

PT-2025-40181

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the x86/MCE/AMD code where the bank map variable, used to track initialized Machine Check Architecture MCA banks, is of type unsigned int. This can le...

SUSE CVE-2022-50093

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via nodeonlineNUMANONODE KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226...

OESA-2024-2589 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: Use setbit and testbit at worker-flags Utilize setbit and testbit on worker-flags within iouring/io-wq to address potential data races. The...

UBUNTU-CVE-2024-47697

In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830pidfilter does not exceed 31 to prevent out-of-bounds access. dev-filters is a 32-bit value, so setbit and clearbit functions should...

kernel: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/setbit operating in non-allocated memory There is a potential out-of-bounds access when using testbit on a single word. The testbit and setbit functions operate on long values, and when testing or settin...

kernel: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/setbit operating in non-allocated memory There is a potential out-of-bounds access when using testbit on a single word. The testbit and setbit functions operate on long values, and when testing or settin...

AZL-68111 CVE-2024-39508 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: Use setbit and testbit at worker-flags Utilize setbit and testbit on worker-flags within iouring/io-wq to address potential data races. The structure ioworker-flags may be accessed through various data paths, leadi...

UBUNTU-CVE-2024-40901

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/setbit operating in non-allocated memory There is a potential out-of-bounds access when using testbit on a single word. The testbit and setbit functions operate on long values, and when testing or settin...

GitHub Security Lab: ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management When Using Bit Operations

This bug was reported directly to GitHub Security Lab...

CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...

Out-of-bounds

In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...

CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...

CVE-2017-17852

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops...