2112 matches found
CVE-2026-23742
Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline, for example through a Kubernetes Ingress resource. The...
CVE-2026-23742 Skipper arbitrary code execution through lua filters
Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline, for example through a Kubernetes Ingress resource. The...
CVE-2026-23742
CVE-2026-23742 affects the Skipper HTTP router/proxy. The default -lua-sources=inline in versions before 0.23.0 lets untrusted users inject Lua filters that can read the host filesystem and, via logs, exfiltrate skipper secrets, potentially enabling arbitrary code execution. The issue is resolved...
f2fs: use global inline_xattr_slab instead of per-sb slab cache
...
PT-2026-3320
Name of the Vulnerable Software and Affected Versions Skipper versions prior to 0.23.0 Description Skipper is an HTTP router and reverse proxy for service composition. The default configuration before version 0.23.0, specifically -lua-sources=inline,file, allowed untrusted users to create Lua...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001379)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001379 advisory. An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service out-of-bounds memory access and BUG can occur for a modified f2fs...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000937)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000937 advisory. fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from ...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001180)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001180 advisory. In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001584 advisory. A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Tenable has extracted the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001354)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001354 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode in fs/f2fs/inline.c when umounting an f2fs image,...
CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without verifying rc_curpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
svcrdma: bound check rq_pages index in inline path
...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003092)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003092 advisory. An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service out-of-bounds memory access and BUG can occur for a modified f2fs...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003407)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003407 advisory. In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002587 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode in fs/f2fs/inline.c when umounting an f2fs image,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002957)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002957 advisory. In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...
CVE-2025-71105
In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inline_xattr_slab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmem_cache of name 'f2fs_xattr_entry-7:7' alread...