Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990369)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990369 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompress memory corruption The rtime decompression routine does not fully...

EUVD-2025-20918

Malicious code in bioql PyPI...

EUVD-2025-20062

Malicious code in bioql PyPI...

CVE-2025-38328 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places

In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...

CVE-2025-38328

CVE-2025-38328 concerns the Linux kernel JFFS2 subsystem. The issue arises from insufficient validation after jffs2_prealloc_raw_node_refs() completion, allowing a null pointer dereference in jffs2_link_node_ref and leading to a local, attacker-controlled disruption as described by the Syzkaller ...

CVE-2025-38194

In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in jffs2preallocrawnoderefs. jffs2sumwritesumnode doesn't check return value of...

CVE-2025-38194

In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in jffs2preallocrawnoderefs. jffs2sumwritesumnode doesn't check return value of...

Linux Distros Unpatched Vulnerability : CVE-2022-49381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jffs2: fix memory leak in jffs2dofillsuper If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report:...

CVE-2021-47656 jffs2: fix use-after-free in jffs2_clear_xattr_subsystem

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

CVE-2021-47656 jffs2: fix use-after-free in jffs2_clear_xattr_subsystem

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

CVE-2024-57850

In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompress memory corruption The rtime decompression routine does not fully check bounds during the entirety of the decompression pass and can corrupt memory outside the decompression buffer if the compressed...

CVE-2024-42115

In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2freeinode During the stress testing of the jffs2 file system,the following abnormal printouts were found: 2430.649000 Unable to handle kernel paging request at virtual address...