Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001180 advisory. In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003750 advisory. ext4emptydir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4readdirblockinode,0,DIRENTHTREE can be zero. Tenable...

RockyLinux 9 : kernel (RLSA-2025:8643)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8643 advisory. kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer...

RLSA-2025:8643 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer overflow in xpcreateandassignumem...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

DEBIAN-CVE-2024-57256

An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

PT-2025-6748 · Barebox · Barebox

Name of the Vulnerable Software and Affected Versions: barebox versions prior to 2025.01.0 Description: The issue is related to an integer overflow in the ext4fs read symlink function when handling a crafted ext4 filesystem with an inode size of 0xffffffff. This results in a malloc of zero and a...

SUSE CVE-2019-19037

ext4emptydir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4readdirblockinode,0,DIRENTHTREE can be zero...

CVE-2022-28195

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4readfile function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of...

USN-4576-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...