815 matches found
USN-8033-7 linux-intel-iotg-5.15, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...
USN-8033-5: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...
kernel security update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
UBUNTU-CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
kernel: ext4: fix use-after-free in ext4_orphan_cleanup
A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...
SUSE-SU-2026:0293-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. -...
ROS-20260126-73-0035
A vulnerability in the ext4xattrinodedecrefall function of the fs/ext4/xattr.c component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001014)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001014 advisory. Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service disk corruption by writi...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001203)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001203 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4xattrsetentry function and a denial of service or unspecified...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002301)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002301 advisory. A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003410)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003410 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002479)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002479 advisory. The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002154)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002154 advisory. The ext4fillsuper function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003026)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003026 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4getgroupinfo function, a denial of service, and a system...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002351)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002351 advisory. The implementation of certain splicewrite file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2022-50845
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...
SUSE CVE-2022-50845
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...