Lucene search
+L

2422 matches found

cve
cve
added 2026/05/01 1:56 p.m.34 views

CVE-2026-31715

In Linux kernel (f2fs), CVE-2026-31715 is a use-after-free triggered by decrementing sbi->nr_pages[] during F2FS_WB_CP_DATA handling. The root cause is that f2fs_put_super() calls iput(sbi->node_inode) and NULLs the node_inode after the counter reaches zero, allowing f2fs_in_warm_node_list(...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References8Affected Software1
cvelist
cvelist
added 2026/05/01 1:56 p.m.38 views

CVE-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi-nrpages in f2fswriteendio The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the panic is as follows:...

0.0012EPSS
Exploits0References8
cvelist
cvelist
added 2026/05/01 1:56 p.m.34 views

CVE-2026-31714 f2fs: fix to avoid memory leak in f2fs_rename()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

0.00114EPSS
Exploits0References5
cve
cve
added 2026/05/01 1:56 p.m.26 views

CVE-2026-31714

The CVE-2026-31714 issue affects the Linux kernel F2FS component, where a memory leak occurs in f2fs_rename() due to an unpaired call to f2fs_free_filename() after f2fs_setup_filename() was added in commit 40b2d55e0452. Exploitation details are local (AV:L/AC:L) with a high availability impact (A...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References5Affected Software1
debiancve
debiancve
added 2026/05/01 1:56 p.m.6 views

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

5.5CVSS5.7AI score0.00114EPSS
Exploits0
euvd
euvd
added 2026/05/01 1:56 p.m.14 views

EUVD-2026-26523

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

5.8AI score0.00114EPSS
Exploits0References5
osv
osv
added 2026/05/01 1:56 p.m.2 views

CVE-2026-31714 f2fs: fix to avoid memory leak in f2fs_rename()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References8
debiancve
debiancve
added 2026/05/01 1:56 p.m.6 views

CVE-2026-31702

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...

7.8CVSS5.7AI score0.00119EPSS
Exploits0
attackerkb
attackerkb
added 2026/05/01 1:56 p.m.6 views

CVE-2026-31702

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References6Affected Software1
euvd
euvd
added 2026/05/01 1:56 p.m.11 views

EUVD-2026-26511

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/01 1:56 p.m.40 views

CVE-2026-31702 f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...

0.00119EPSS
Exploits0References6
osv
osv
added 2026/05/01 1:56 p.m.2 views

CVE-2026-31702 f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References9
osv
osv
added 2026/05/01 12:8 p.m.15 views

CLSA-2026-1777637310 Fix of 13 CVEs

CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: scatterwalk - Backport memcpysglist CVE-2026-31431 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption CVE-2026-31431 - crypto: authencesn - Fix src...

7.8CVSS7.1AI score0.96267EPSS
Exploits230References1
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of calls to decpagecount in f2fscompresswriteendio. This could lead to accessi...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.7 views

PT-2026-36345

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free condition exists in the f2fs component of the Linux kernel. The issue occurs in the f2fs write end io function when sbi-nr pagesF2FS WB CP DATA is decremented to zero...

9.8CVSS6.1AI score0.00501EPSS
Exploits23References297
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.12 views

PT-2026-36332

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the f2fs compress write end io function. The dec page countsbi, type function can reduce the F2FS WB CP DATA counter to zero, which may unblock f2fs wait...

9.8CVSS5.9AI score0.93235EPSS
Exploits54References294
nessus
nessus
added 2026/04/23 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014303)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014303 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential...

5.4AI score0.00168EPSS
Exploits0References4
nessus
nessus
added 2026/04/23 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-014301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014301 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fstrylockop in f2fswritecompressedpages to avoid...

5.5CVSS5.6AI score0.0017EPSS
Exploits0References4
nessus
nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013561 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla:...

5.7AI score0.00206EPSS
Exploits0References4
nessus
nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013870)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013870 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fstrylockop in f2fswritecompressedpages to avoid...

5.5CVSS5.6AI score0.0017EPSS
Exploits0References4
Rows per page
Query Builder