Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013178)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013178 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount if cperror is set xfstest generic/361 reports a...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27033)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27033 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to remove unnecessary...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37739)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37739 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access...

CVE-2025-71107 f2fs: ensure node page reads complete before f2fs_put_super() finishes

In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fsputsuper finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs dm-0: detect filesystem reference count leak during umount, type: 9, count: ...

CVE-2025-40150

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988712 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1,...

SUSE CVE-2025-40077

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid overflow while left shift operation Should cast type of folio-index from pgofft to lofft to avoid overflow while left shift operation...

EUVD-2022-55056

In the Linux kernel, the following vulnerability has been resolved: f2fs: use spinlock to avoid hang 14696.634553 task:cat state:D stack: 0 pid:1613738 ppid:1613735 flags:0x00000004 14696.638285 Call Trace: 14696.639038 14696.640032 schedule+0x302/0x930 14696.640969 schedule+0x58/0xd0 14696.64179...

EUVD-2025-20899

Malicious code in bioql PyPI...

EUVD-2025-11161

Malicious code in bioql PyPI...

CLSA-2025-1753083094 Fix of 10 CVEs

Focal update: v5.4.292 upstream stable release LP: 2109357 // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000setdds Focal update: v5.4.287 upstream stable release LP: 2095145 // CVE-url: https://ubuntu.com/security/CVE-2024-53197 -...

CVE-2025-38333

CVE-2025-38333 affects the Linux kernel’s f2fs file system. A fix was applied to bail out in get_new_segment() when inconsistent status is detected between free_segmap and free_secmap, recording the error into the superblock and aborting the segment allocation. The vulnerability stems from get_ne...

CVE-2025-38333 f2fs: fix to bail out in get_new_segment()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to bail out in getnewsegment ------------ cut here ------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 newcurseg+0x5e8/0x6dc pc : newcurseg+0x5e8/0x6dc Call trace: newcurseg+0x5e8/0x6dc...

CVE-2022-50009

CVE-2022-50009 corresponds to a Linux kernel vulnerability in f2fs → fixed null-ptr-deref in f2fs_get_dnode_of_data during atomic write. The provided data describe a scenario where f2fs_do_write_data_page writes a cow_inode (for atomic writes) and ends up dereferencing a NULL cow_inode, triggerin...

SUSE CVE-2025-23132

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix to avoid warning in dquotwritebackdquots F2FS-fs dm-59: checkpoint=enable has some unwritten data. ------------ cut here ------------ WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691...

DEBIAN-CVE-2025-22127

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in preparecompressoverwrite Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...

Linux Distros Unpatched Vulnerability : CVE-2022-49255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fshandlefailedinode This patch fixes xfstests/generic/475...

CVE-2022-49425

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix dereference of stale list iterator after loop body The list iterator variable will be a bogus pointer if no break was hit. Dereferencing it cur-page in this case could load an out-of-bounds/undefined value making it...

CVE-2022-49428 f2fs: fix to do sanity check on inline_dots inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on inlinedots inode As Wenqing reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215765 It will cause a kernel panic with steps: - mkdir mnt - mount tmp40.img mnt - ls mnt...

CVE-2022-49425 f2fs: fix dereference of stale list iterator after loop body

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix dereference of stale list iterator after loop body The list iterator variable will be a bogus pointer if no break was hit. Dereferencing it cur-page in this case could load an out-of-bounds/undefined value making it...