Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003043)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003043 advisory. fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs- flushing-before-commit list, which allows local users to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001677 advisory. drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release. Tenable has extracted the preceding description block directly from...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0107)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system wi...

CVE-2022-48425

In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...

CVE-2022-48425

In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...

CVE-2022-48424

CVE-2022-48424 affects the Linux kernel prior to 6.1.3, where NTFS-3 file system code (fs/ntfs3/inode.c) fails to validate the attribute name offset, leading to an unhandled page fault. Affected component: NTFS-3 support in the kernel; root cause: incomplete validation of attribute name offset in...

K18129121: Linux kernel vulnerability CVE-2019-19767

Security Advisory Description The Linux kernel before 5.4.2 mishandles ext4expandextraisize, as demonstrated by use-after-free errors in ext4expandextraisize and ext4xattrsetentry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. CVE-2019-19767 Impact There is no impact; F5...

CVE-2022-3649 Linux Kernel BPF inode.c nilfs_new_inode use after free

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsnewinode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch t...

CVE-2022-3649

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsnewinode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch t...

CVE-2022-3621 Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereference

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsbmaplookupatlevel of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is...

CVE-2022-3202

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information...

ASB-A-220261709

In devconfig of inode.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1037-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1037-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

Design/Logic Flaw

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

CVE-2022-24958

CVE-2022-24958 relates to the Linux kernel USB gadget subsystem, specifically drivers/usb/gadget/legacy/inode.c up to version 5.16.8, where dev->buf release is mishandled. The consequence is a use‑after‑free condition in the USB gadget legacy path, which can lead to a local denial of service a...

PT-2022-1608 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.5 Description: An issue was discovered in the Linux kernel, which is related to a memory leak in the yam siocdevprivate function in drivers/net/hamradio/yam.c. This issue can be exploited to cause a denial ...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

CVE-2019-19767

The Linux kernel before 5.4.2 mishandles ext4expandextraisize, as demonstrated by use-after-free errors in ext4expandextraisize and ext4xattrsetentry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163...

CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

Design/Logic Flaw

DISPUTED In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel...