Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005180 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then...

CVE-2025-40138

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...

Linux Distros Unpatched Vulnerability : CVE-2025-40138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a...

EUVD-2025-124945

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...

CVE-2025-40138

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989053)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989053 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead...

CVE-2025-47793 Nextcloud Server and Groupfolders app vulnerable to bypass of group folder quota limit using attachment in text file

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud...

DEBIAN-CVE-2022-49282

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough inline knowledge can discard...

CVE-2022-49282 f2fs: quota: fix loop condition at f2fs_quota_sync()

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough inline knowledge can discard...

CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

Xen: A transaction conflict can crash C Xenstored (XSA-440)

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

xenstored: A transaction conflict can crash C Xenstored

ISSUE DESCRIPTION When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstor...

Moodle 资源管理错误漏洞

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle security vulnerability, which stems from not checking the size of the extracted zip file against the available user quota before...