Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003750 advisory. ext4emptydir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4readdirblockinode,0,DIRENTHTREE can be zero. Tenable...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001180 advisory. In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...

RockyLinux 9 : kernel (RLSA-2025:8643)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8643 advisory. kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2025:8643 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer overflow in xpcreateandassignumem...

DEBIAN-CVE-2024-57256

An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

PT-2025-6748 · Barebox · Barebox

Name of the Vulnerable Software and Affected Versions: barebox versions prior to 2025.01.0 Description: The issue is related to an integer overflow in the ext4fs read symlink function when handling a crafted ext4 filesystem with an inode size of 0xffffffff. This results in a malloc of zero and a...

SUSE CVE-2019-19037

ext4emptydir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4readdirblockinode,0,DIRENTHTREE can be zero...

The vulnerability of the ext4_read_file function in the Cboot module of the NVIDIA Jetson computing platform’s driver suite allows a malicious actor to execute arbitrary code, gain elevated privileges, or cause partial service failure.

The vulnerability of the ext4readfile function in the Cboot module of the NVIDIA Jetson computing platform’s driver suite is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code, gain elevated privileges, or cause partial...

CVE-2022-28195

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4readfile function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of...

USN-4576-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...