Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414297 advisory. An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6700-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6700-1 advisory. It was discovered that the Layer 2 Tunneling Protocol L2TP implementation in the Linux kernel contained a race condition when releasing...

OracleVM 3.4 : kernel-uek (OVMSA-2023-0017)

The remote OracleVM system is missing necessary patches to address security updates: - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a local user ...

CVE-2023-34256

DISPUTED An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to...

OESA-2023-1395 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2023-034 (ALASKERNEL-5.10-2023-034)

The version of kernel installed on the remote host is prior to 5.10.184-174.730. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-034 advisory. A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...

SUSE CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

AZL-27063 CVE-2023-34256 affecting package kernel for versions less than 5.15.116.1-1

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

Out-of-bounds

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

CVE-2023-34256

CVE-2023-34256 describes an out-of-bounds read in crc16 in lib/crc16.c when invoked from fs/ext4/super.c due to incomplete offset checks in ext4_group_desc_csum, affecting the Linux kernel up to but not including 6.3.3. The issue can enable local denial of service or information leaks via a craft...

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

OSV-2020-990 UNKNOWN READ in FLAC__crc16_update_words32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16457 Crash type: UNKNOWN READ Crash state: FLACcrc16updatewords32 crc16updateblock bitreaderreadfromclient...

Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability

Summary An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub. The hubCore process incorrectly handles malformed files existing in its “data” directory, leading to an infinite loop, which eventually causes...