CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

USN-8255-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

CVE-2026-43117

In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfssyncfile If overlay is used on top of btrfs, dentry-dsb translates to overlay's super block and fsid assignment will lead to a crash. Use fileinodefile-isb to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfssyncfile event. This event involves accessing the super block through dentry, without...

Astra Linux - уязвимость в linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s Ext4 File System, where a user can trigger multiple file operations simultaneously using the overlay FS mechanism. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. Only if patch...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007433)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007433 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird functio...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002918 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...

Linux Distros Unpatched Vulnerability : CVE-2023-54313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck...

CVE-2023-54313

The CVE-2023-54313 entry concerns a Linux kernel ovl filesystem NULL pointer dereference in ovl_get_acl_rcu(). The issue arises when upperdentry inode is NULL and IS_POSIXACL(realinode) dereferences a NULL realinode during ACL checks in overlay (ovl) permission handling, potentially triggering a ...

UBUNTU-CVE-2025-40237

In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...

USN-7809-1: Linux kernel (Azure, N-Series) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

EUVD-2023-23521

Malicious code in bioql PyPI...

EUVD-2025-8469

Malicious code in bioql PyPI...

EUVD-2022-2468

Malicious code in bioql PyPI...

USN-7802-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

USN-7725-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7725-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7725-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7725-2 linux-realtime, linux-raspi-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...

USN-7725-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...

USN-7725-1 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...