Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for defragmentation path triggering jbd2 assertion. Code paths: - ocfs2ioctlmoveextents - ocfs2moveextents - ocfs2defragextent - ocfs2moveextent - + ocfs2journalaccessdi - + ocfs2splitextent // Sub-path calls...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk from being released while still in use The functions iplocalout and others can pass skb-sk as a function argument. If the skb is a fragment and reassembly occurs before such a function call returns, t...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability related to deallocation was discovered in the preparetorelocate function in fs/btrfs/relocation.c within btrfs in the Linux Kernel. This potential flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011267 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stal...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013331 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013062 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stal...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006960 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010994)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010994 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007263)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007263 advisory. In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass...

SUSE CVE-2026-23016

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...

CVE-2026-23016

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...

CVE-2026-23016 inet: frags: drop fraglist conntrack references

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...

PT-2026-5519

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nf conntrack cleanup net list to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002852)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002852 advisory. The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service integer overflow,...

SUSE CVE-2025-68768

In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...

CVE-2025-68768

This CVE (CVE-2025-68768) affects the Linux kernel and is documented as a fix for a fragmentation-related deadlock: the code path in inet: frags: flush pending skbs in fqdir_pre_exit() flushes fragment queue SKBs to release conntrack references before nf_conntrack_cleanup_net_list() runs. The roo...

OPENSUSE-SU-2026:20003-1 Security update of valkey

This update for valkey fixes the following issues: Update to 8.0.6: - Security fixes: - CVE-2025-49844: Fixed that a Lua script may lead to remote code execution bsc1250995 - CVE-2025-46817: Fixed that a Lua script may lead to integer overflow and potential RCE bsc1250995 - CVE-2025-46818: Fixed...

OPENSUSE-SU-2025:20121-1 Security update for redis

This update for redis fixes the following issues: - Updated to 8.2.3 boo1252996 CVE-2025-62507 https://github.com/redis/redis/releases/tag/8.2.3 - Security fixes - CVE-2025-62507 Bug in XACKDEL may lead to stack overflow and potential RCE - Bug fixes - HGETEX: A missing numfields argument when...

EUVD-2023-60044

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Bandwidth Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40074

In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...