1716 matches found
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
Linux Distros Unpatched Vulnerability : CVE-2026-53174
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache...
vlc-vp9-reschange-crash-poc
VLC VP9 Resolution-Change Crash PoC This repository contains...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...
SUSE CVE-2026-45990
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: kernfs: A use-after-free issue has been fixed in kernfsremove. Syzkaller managed to trigger concurrent calls to kernfsremovebynamens for the same file, resulting in a KASAN detected use-after-free. This race condition occurs...
SUSE CVE-2026-43361
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotting a previously received snapshot a bunch of times until we reach a BTRFSUUIDKEYRECEIVEDSUBVOL item...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005742 advisory. In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfsremove Syzkaller managed to trigger concurrent calls to...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38260)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38260 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with...
EUVD-2025-205086
In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...
CVE-2025-68340
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Correctly handled csum tree errors with rescue=ibadroots. BUG There is a syzbot-based reproducer that can cause the kernel to crash. The call trace is as follows with some debug output added: DEBUG: rescue=ibadroots...
UBUNTU-CVE-2022-50432
In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfsremove Syzkaller managed to trigger concurrent calls to kernfsremovebynamens for the same file resulting in a KASAN detected use-after-free. The race occurs when the root node is freed during...
UBUNTU-CVE-2023-53260
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...
CVE-2023-53260 ovl: fix null pointer dereference in ovl_permission()
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...
SUSE CVE-2025-39744
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...
Linux Distros Unpatched Vulnerability : CVE-2025-38709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem...
AZL-71257 CVE-2025-38709 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
CVE-2025-38709
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
Linux Distros Unpatched Vulnerability : CVE-2025-38260
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based...