11 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from ext4 in parseapplysbmountoptions that could lead to a memory leak...
CLSA-2025-1736778632 kernel: Fix of 17 CVEs
tracing: Free buffers when a used dynamic event is removed CVE-2022-49006 - ASoC: ops: Check bounds for second channel in sndsocputvolswsx CVE-2022-48951 - ext4: fix slab-use-after-free in ext4splitextentat CVE-2024-49884 - ext4: fix bug on in ext4escacheextent as ext4splitextentat failed...
ext4: fix i_data_sem unlock order in ext4_ind_migrate()
...
ext4: check stripe size compatibility on remount as well
...
kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
A vulnerability was found in the ext4mbtrybestfound function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap...
kernel: Linux kernel (ext4): Denial of Service due to inode leak via failed extended attribute creation
A flaw was found in the Linux kernel's ext4 filesystem. A local user can exploit this vulnerability by performing a setxattr operation with an injected fault, specifically when ext4markinodedirty fails within the ext4xattrinodecreate function. This can lead to an inode leak, resulting in filesyst...
kernel: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated
A flaw was identified in the ext4 filesystem’s block preallocation allocator in the Linux kernel. During allocation, the code traverses an rbtree of per-inode preallocations.Concurrently, the helper ext4mbdiscardgrouppreallocation can mark PAs as deleted, which may cause a naive rbtree traversal ...
kernel: ovl: fix use after free in struct ovl_aio_req
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 "ovl: fix use...
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
...
Important: kernel-livepatch-4.14.177-139.253
Issue Overview: In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call. CVE-2019-19319 Affected...
UBUNTU-CVE-2011-4132
The cleanupjournaltail function in the Journaling Block Device JBD functionality in the Linux kernel 2.6 allows local users to cause a denial of service assertion error and kernel oops via an ext3 or ext4 image with an "invalid log first block value."...