Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a memory leak in ext4fillsuper. The buffer head references must be released before calling killbdev; otherwise, the buffer head and the page referenced by bdata will not be freed by killbdev, and subsequently that blo...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed a potential use-after-free issue in jbd2fcwaitbufs. In jbd2fcwaitbufs, using bh after referencing the buffer’s head count may lead to a use-after-free condition. Therefore, ensure that the buffer is updated before...

CVE-2026-31675

In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013624 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013586 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after u...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010901 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2fcwaitbufs' if buffer isn't...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010794 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007403)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007403 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4fillsuper Buffer head references must be released before calling...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005486 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint When using the block:blockdirtybuffer...

SUSE CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

CVE-2026-22988 arp: do not assume dev_hard_header() does not change skb->head

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

CVE-2026-22988

CVE-2026-22988 affects the Linux kernel’s arp handling, specifically the assumption that skb->head remains unchanged after dev_hard_header() in arp_create(). The issue arises when a recent commit altered skb->head, breaking that assumption. The publicly provided description and OpenVAS/Ness...

CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

CVE-2022-50835

In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak...

SUSE CVE-2022-50835

In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak...

Linux Distros Unpatched Vulnerability : CVE-2022-50839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jbd2: fix potential buffer head reference count leak As in 'jbd2fcwaitbufs' if buffer isn't uptodate, will return -EIO without update 'journal-jfcoff'. But...

Linux Distros Unpatched Vulnerability : CVE-2022-50835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak. CVE-2022-50835 Note...

EUVD-2022-55863

In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak...

EUVD-2022-55859

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2fcwaitbufs' if buffer isn't uptodate, will return -EIO without update 'journal-jfcoff'. But 'jbd2fcreleasebufs' will release buffer head from ‘jfcoff - 1’ if 'bh' is...