Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013784 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011257 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor,...

fs: udf: fix OOB read in lengthAllocDescs handling

...

EUVD-2025-36484

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

CVE-2025-40044 fs: udf: fix OOB read in lengthAllocDescs handling

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

PT-2025-44112

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc4-syzkaller-00261-g850925a8133c Description The Linux kernel contains a flaw within the UDF filesystem implementation. Specifically, the handling of Allocation Extent Descriptors lacks proper validation ...