Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

SUSE CVE-2023-53526

In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh-btransaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2journalcommittransaction jbd2journalinsertcheckpointjh, committransaction // Put jh into trans1-tcheckpointli...

OESA-2026-2419 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAPINFORSP payload length before access l2capinformationrsp checks that cmdlen covers the fixed l2capinforsp header type + result, 4...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in ext4mbnew inodepa due to overflow. When calculating the end position of ext4freeextent, this position might be exactly where ext4lblkt i.e., a uint overflows. For example, if acgex.felogical is 4294965248 and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Silence the warning when evicting an inode with dioreadnolock When evicting an inode with the default dioreadnolock setting, it may cause problems because the unwritten extents are converted by the kworker after writeback,...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a deadlock issue when converting an inline directory in nojournal mode In nojournal mode, ext4finishconvertinlinedir can cause a self-deadlock by calling ext4handledirtydirblock after having already taken the...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In ext4, the “set goal start” operation is performed correctly in ext4mbnormalizerequest. We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in ext4mbnormalizerequest. Additionally,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an out-of-bound read in ext4xattrinodedecrefall. The issue is as follows: BUG: KASAN: Use-after-free in ext4xattr inodedecrefall+0x6ff/0x790. A read of size 4 was performed at address ffff88807b003000 by the task...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Correct group validation in ext4mbgoodgroup. The group corruption check will access memory related to the grp structure. This can lead to a kernel crash if grp is set to NULL. Therefore, perform a NULL check before the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock due to corruption of mbcache entries When manipulating xattr blocks, a deadlock can occur due to infinite loops within ext4xattrblockset. In this process, we continuously try to reuse xattr blocks for mbcache,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix potential null dereferencing in ext4mbinit. In ext4mbinit, the function ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if the groupinfo slab cache allocation fails...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed a warning in dqgrab. The following issue occurs during fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Filesystems without the casefold feature cannot be mounted with siphash. When mounting the ext4 filesystem, if the default hash version is set to DXHASHSIPHASH, but the casefold feature is not enabled, exit the mounting...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid resizing to a partial cluster size This patch prevents attempts to resize the filesystem to a cluster boundary that is not an integer multiple of the cluster size. Online resizing to a size that is not integral to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In ext4, it was determined that it is not allowed for the journal inode to have the “encrypt” flag. Mounting a filesystem whose journal inode has the “encrypt” flag causes a NULL dereference in fscryptlimitioblocks when the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for out-of-bounds punch offset Punching a hole with a start offset that exceeds maxend is not allowed. This will result in a negative length in the truncateinodepartialfolio function when truncating the page cache,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed the use of inodes after freeing them in ext4endiorsvwork. In ext4ioenddefercompletion, a check is performed to ensure that ioend-listvec is empty, thereby avoiding adding an ioend that does not require any conversi...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: The block range must be validated before being used in ext4mbclearbb. The block range to be freed is validated in ext4freeblocks using ext4 inodeblockvalid, and then it is passed to ext4mbclearbb. However, in some situation...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Update sjournalinum if it changes after journal replay. When mounting a crafted ext4 image, sjournalinum may change after journal replay. This is obviously unreasonable, because we have successfully loaded and replayed the...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the issue where idisksize can exceed isize in partially written cases. It is possible for idisksize to exceed isize, triggering a warning. The code includes the following steps: - genericperformwrite: Copied =...