Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001394)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001394 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002703)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002703 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003216)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003216 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002238)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002238 advisory. Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as...
Siemens Ruggedcom ROX Integer Overflow or Wraparound (CVE-2018-1000876)
binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in an integer overflow that triggers a heap overflow. Successful exploitation allows execution of arbitrary code. This attack appears to be...
CVE-2025-68436
CVE-2025-68436 affects Craft CMS: versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16. The issue allows authenticated users to potentially expose sensitive assets via their user profile photo through maliciously crafted requests, causing information disclosure. No exploitation details...
CVE-2025-68436 Craft CMS vulnerable to potential information disclosure via unchecked asset relocation
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. Users should update to the...
Craft CMS vulnerable to potential information disclosure via unchecked asset relocation
Authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. Users should update to the patched versions 5.8.21 and 4.16.17 to mitigate the issue. Resources:...
Incorrect Authorization
Overview: craftcms/cms is a content management system. Affected versions of this package are vulnerable to Incorrect Authorization due to unchecked asset relocation in user profile photos. Remediation: Upgrade craftcms/cms to version 4.16.17, 5.8.21 or higher. References: GitHub Commit. Credit: Z3r...
GHSA-53VF-C43H-J2X9 Craft CMS vulnerable to potential information disclosure via unchecked asset relocation
Authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. Users should update to the patched versions 5.8.21 and 4.16.17 to mitigate the issue. Resources:...
SUSE CVE-2023-54253
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page. One of the CI runs triggered the following panic: assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993031)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993031 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993173)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993173 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a NULL pointer dereference when failed to start a new transaction BUG Syzbot reported ...
CVE-2023-54253
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page. One of the CI runs triggered the following panic: assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...
UBUNTU-CVE-2023-54253
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page. One of the CI runs triggered the following panic: assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...
CVE-2023-54253
The CVE describes a Linux kernel bug in Btrfs relocation: calling set_page_extent_mapped before validating the folio/page can trigger a kernel BUG during relocate_one_page. The fix, as noted in the description, is to move set_page_extent_mapped to after the btrfs_read_folio block so the subpage b...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992521)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992521 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992613 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In...