Oracle Linux 7 : kernel (ELSA-2026-1581)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1581 advisory. - e1000e: fix heap overflow in e1000seteeprom CVE-2025-39898 Orabug: 38904071 - i40e: fix idx validation in config queues msg CVE-2025-39971 Orabug:...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

RHEL 7 : kernel (RHSA-2025:23947)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23947 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC...

RHEL 8 : kernel (RHSA-2025:22072)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22072 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC...

RHEL 9 : kernel (RHSA-2025:22066)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22066 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC...

CVE-2022-50403

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

CVE-2022-50403

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-50403

In the Linux kernel, the following vulnerability has been resolved: ext4: fix undefined behavior in bit shift for ext4checkflagvalues Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...

CVE-2022-50403

CVE-2022-50403 is documented in connected advisories as a kernel/ext4 issue: undefined behavior in a bit-shift check within ext4_check_flag_values. Red Hat RHSA-2025-23947 (RHEL 7 kernel) and RHSA-2025-23445 (RHEL 8 kernel) enumerate this CVE among security fixes for the kernel. Affected componen...

CVE-2024-50163

In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpfredirect flags don't overlap The bpfredirectinfo is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri-flags field specifically,...

Denial Of Service

libnbd is vulnerable to Denial of Service DoS. The vulnerability is due to a flaw in the handling of 64-bit extended headers in the NBD protocol when dealing with large flag values in the server's reply to the NBDCMDBLOCKSTATUS command...

CVE-2016-1284

rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via crafted flag values in a query...

CVE-2016-1284

rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via crafted flag values in a query...