Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021623 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows: UBSA...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from userspace, so the shift amount could ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: capabilities: Fixed an undefined behavior in bit shifting for CAPTOMASK. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010856 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by...

DEBIAN-CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993042)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993042 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993217)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993217 advisory. In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 3...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2483)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushedCVE-2022-49158 scsi: qla2xxx: Implement ref count for SRBCVE-2022-49159 tcp: add...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushedCVE-2022-49158 scsi: qla2xxx: Implement ref count for SRBCVE-2022-49159 tcp: add...