CVE-2026-52962

A flaw was found in the Linux kernel, specifically within the Ceph file system's extended attribute handling. A buffer leak occurs in the cephsetxattr function because a previously allocated buffer oldblob is not properly released. This can lead to resource exhaustion over time, potentially causi...

CVE-2026-53041

A flaw was found in the Linux kernel's Oracle Cluster File System version 2 OCFS2. When an OCFS2 inode has both inline and and block-based extended attributes xattrs, the listxattr function can return a size larger than the caller's buffer. This incorrect size handling can lead to a kernel bug an...

CVE-2026-52944

The CVE-2026-52944 entry concerns ksmbd in the Linux kernel where FSCTL_SET_SPARSE can bypass permissions, allowing a client on a read-only share to modify the sparse attribute, and potentially allowing clients on writable shares to change it without FILE_WRITE_DATA or FILE_WRITE_ATTRIBUTES right...

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

Astra Linux – Vulnerability in Samba

The Samba vfsfruit module utilizes extended file attributes EA, xattr to enhance compatibility with Apple SMB clients and interoperability with Netatalk 3 AFP file servers. Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read and writ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds read in eaget During the “sizecheck” step in eaget, the code checks whether the extended attribute list xattr size matches easize. If not, it logs “eaget: invalid extended attribute” and calls...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrMoveToBlock In ext4xattrMoveToBlock, the value of the extended attribute that we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not create EA inodes under the buffer lock The ext4xattrsetentry function creates new EA inodes while holding the buffer lock on the external xattr block. This is problematic because all allocation-related locking...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Return error for inconsistent extended attributes The ntfsreadea function is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IMA: Do not clear the IMADIGSIG flag when setting or removing non-IMA xattr. Currently, when both IMA and EVM are in “fix” mode, the IMA signature will be reset to the IMA hash if a program first stores the IMA signature in...

Astra Linux – Vulnerability in Linux

A flaw was discovered in the JFS filesystem code within the Linux kernel, which allows a local attacker to cause the system to panic by enabling the ability to set extended attributes. This can lead to memory corruption or an escalation of privileges. The most significant threat posed by this...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Initializing quotas for ‘old.inode’ in ‘ext4rename’. Syzbot identified the following issues: - ext4parseparam: swantextraisize=128 - ext4inodeinfoinit: swantextraisize=32 - ext4rename: old.inode=ffff88823869a2c8;...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: Explicitly terminate the xattr list with a null character. When setting an xattr, ensure that the xattr list is explicitly terminated with a null character. This eliminates the fragile assumption that the unused xattr space...

Astra Linux – Vulnerability in tar

In GNU tar before version 1.35, mishandling of extension attributes in a PAX archive can cause the application to crash in xheader.c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ========================================== BUG: KASAN:...

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...