Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013019)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013019 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in...

UBUNTU-CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

CVE-2025-68809 ksmbd: vfs: fix race on m_flags in vfs_cache

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

UBUNTU-CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

UBUNTU-CVE-2025-40167

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

CVE-2025-40167

CVE-2025-40167 affects the Linux kernel ext4 filesystem. The issue occurs when an inode has both INLINE_DATA and EXTENTS flags set, causing ext4_es_cache_extent() to BUG_ON due to unvalidated out-of-order extents while opening a verity file on a corrupted ext4 FS mounted without a journal. Invest...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-395439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-395439 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211...

The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the f2fs component of the Linux operating system’s kernel is related to the assignment of the NULL pointer in the f2fsset inodeflags function. Exploiting this vulnerability can allow a hacker to trigger a service failure...

UBUNTU-CVE-2024-47679

In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between eviceinodes and findinode&iput Hi, all Recently I noticed a bug1 in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode ie ino 261 with icount 1 is called by iput, and...

kernel: ext4: fix uninititialized value in 'ext4_evict_inode'

An uninitialized variable flaw was found in the Linux kernel's ext4 filesystem in the inode eviction path. A local user can trigger this issue by creating filesystem operations that cause inode allocation to fail before the iflags field is initialized, followed by inode cleanup that attempts to...