Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: added a missing check for inode numbers on directory entries. Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which...

Linux Distros Unpatched Vulnerability : CVE-2026-43066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode locatio...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011069)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011069 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad quota inode We got a issue as fllows:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001368 advisory. An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service slab out-of-bounds read and BUG can occur for a modified f2fs...

UBUNTU-CVE-2022-50782

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:202! invalid opcode: 0000 1 PREEMPT SMP...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990342 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fsbugon when uninstalling filesystem call f2fsevictinode. creating a large files duri...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986741 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memoryfailure Our syzkaller trigger the...

EUVD-2025-28968

Malicious code in bioql PyPI...

RLSA-2025:9348 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode CVE-2025-21999 kernel: ext4: fix off-by-one error in dosplit CVE-2025-23150 kernel: ext4: ignore xattrs past end CVE-2025-37738 For more details about the...

SUSE CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

SUSE-SU-2025:03184-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024164 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000:...

SUSE-SU-2025:03180-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address...

SUSE-SU-2025:03179-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000:...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...

SUSE-SU-2025:20778-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7

This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...

SUSE SLES15 Security Update : kernel (Live Patch 51 for SLE 15 SP3) (SUSE-SU-2025:03126-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03126-1 advisory. This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fi...

CVE-2025-38223

CVE-2025-38223 : Linux kernel fix for a kernel BUG triggered by an encrypted inode with an unaligned file size (e.g., 33K or 1K) in Ceph-related code paths. The issue manifests as a kernel OOPS/crash via a bug in ceph_msg_data_cursor_init in net/ceph/messenger.c during ceph_con_workfn processing,...

PT-2025-37202

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel where inode pages are not truncated when the hard link number is zero, specifically within the jfs filesystem. This occurs when the fileset value of t...

AZL-59604 CVE-2025-21999 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...