CVE-2026-31449

A flaw was found in the Linux kernel's ext4 filesystem. A local attacker could exploit this vulnerability by providing a specially crafted or corrupted on-disk extent header. This could cause an out-of-bounds read in memory, potentially leading to information disclosure or a system crash Denial o...

CVE-2026-31446

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability, a use-after-free, occurs due to a timing issue when the updatesuperwork function attempts to access memory that has already been released during a filesystem unmount operation. A local attacker could potentially exploit...

CVE-2026-31448

A flaw was found in the Linux kernel's ext4 filesystem. When creating a directory or node, if an extent insertion fails, the system may not properly clear residual data. This can lead to a situation where both directory and extended attribute xattr blocks simultaneously use the same memory buffer...

EUVD-2026-24788

In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...

CVE-2026-31446 ext4: fix use-after-free in update_super_work when racing with umount

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013629 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad quota inode We got a issue as fllows:...

PT-2026-34354

In the Linux kernel, the following vulnerability has been resolved: ext4: validate p idx bounds in ext4 ext correct indexes ext4 ext correct indexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.p idx-ei block, there is no...

PT-2026-34352

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with s first data block != 0 bigalloc with s first data block != 0 is not supported, reject mounting it...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010776)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010776 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in...

USN-8188-1: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

USN-8188-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

USN-8187-1: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

USN-8186-1 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

USN-8177-1 linux, linux-realtime vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007571 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6...

USN-8162-1 linux-nvidia-tegra-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

CLSA-2026-1775655705 kernel-uek: Fix of 34 CVEs

ALSA: usb-audio: Fix use-after-free in sndusbmixerfree CVE-2026-23089 - HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 - KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory CVE-2024-50115 - KVM: x86: Reset IRTE to host control if new route isn't postable CVE-2025-37885...

ROS-20260403-73-0036

A vulnerability in the fs/ext4/inline.c component of the Linux operating system kernel is related to insufficient input data validation. Exploitation of the vulnerability allows an attacker to cause a denial of service...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED CVE-2022-50390 In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005523 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix idatasem unlock order in ext4indmigrate Fuzzing reports a possible deadlock in...