5178 matches found
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails CVE-2026-45899 In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown CVE-2026-45920 In the...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-108 (ALASKERNEL-5.15-2026-108)
The version of kernel installed on the remote host is prior to 5.15.204-143.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-108 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitti...
SUSE SLES12 Security Update : kernel (SUSE-SU-2026:2450-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2450-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263:...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed another “off-by-one” issue with the fsmap for 1k-block file systems. It seems that syzbot discovered that issuing the FSMAP call as follows: c struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for accessing an uninitialized lock in the fc replay path. The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUG: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4prepareInlinedata When running the following code on an ext4 filesystem with the inlinedata feature enabled, the following bug will occur. fd = open"file1", ORDWR | OCREAT | OTRUNC, 0666;...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Turn quotas off if mount fails after enabling quotas Yi discovered during a review of the patch “ext4: Don’t report errors with inconsistent journal features” that when ext4markrecoverycomplete returns an error value, the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed an issue where the buffer of extents was freed twice. In ext4exttrytomergeup, the path1.pbh was set to NULL after it was released. Otherwise, it might be released twice. An example of what triggers this is as...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Improved error handling for ext4dirhash The ext4dirhash function almost never fails, especially since the “hash tree” feature was first introduced. However, with the addition of support for encrypted, case-folded file names...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a double-free of blocks due to incorrect movedlen values during extent movements. In ext4moveextents, movedlen is updated only when all movements are successfully executed. It also discards preallocations of originode...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid journaling SB updates in case the journal destroys itself. Currently, we always encounter a BUGON issue when attempting to start a transaction on a journal marked with JBD2UNMOUNT, since this should never happen...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free in ext4orphancleanup. I identified the issue as follows: BUG: KASAN: Use-after-free in listaddvalid+0x28/0x1a0. Read of size 8 at address ffff88814b13f378 by task mount/710. CPU: 1 PID: 710 Comm:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid allocating blocks from a group with a corrupted block bitmap in ext4mbtrybestfound. Determine whether the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to prevent allocating blocks from a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fixed memory leaks in ext4fnamesetupfilename,preparelookup. If filename case-folding fails, we will be leaking memory from the fscryptname struct, specifically from the 'cryptobuf.name' member. Make sure we free this memory...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a warning in ext4iomapbegin due to a race between bmap and write The issue occurs as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not create EA inodes under the buffer lock The ext4xattrsetentry function creates new EA inodes while holding the buffer lock on the external xattr block. This is problematic because all allocation-related locking...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Remove ppath from ext4extreplayupdateex to avoid double-free. When calling ext4forcesplitextentat&ppath in ext4extreplayupdateex, ppath is updated, but it is path that is freed. This potentially triggers a double-free in th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...