Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential deadlock issue in f2fs, which could lead to a deadlock...

ROS-20260113-7321

A vulnerability in the f2fssetattr function of the fs/f2fs/file.c module of the Linux kernel's F2FS file system support is related to improper control of resource identifiers "resource injection". Exploitation of the vulnerability may allow a remote intruder to affect the integrity of protected...

ROS-20260113-7313

A vulnerability in the loadelfbinary function of the Linux kernel file system is related to incorrect input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260113-7345

A vulnerability in the ext4fillsuper function in the fs/ext4/super.c module of the ext4 file system of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

MiracleLinux 9 : kernel-5.14.0-503.19.1.el9_5 (AXSA:2025-9562:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9562:06 advisory. kernel: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout CVE-2024-27399 kernel: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in...

USN-7922-5 linux-iot vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

ROS-20260112-7338

A vulnerability in the btrfsputblockgroup function of the fs/btrfs/block-group.c module of the Linux operating system kernel's btrfs file system support is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial ...

ROS-20260112-7379

A vulnerability in the dbDiscardAG function of the JFS file system of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7380

A vulnerability in the dtInsert function of the JFS file system of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7361

A vulnerability in the f2fsbuildfaultattr function in the fs/f2fs/super.c module of the f2fs file system of the Linux kernel is related to the lack of input data validation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

ROS-20260112-7351

A vulnerability in the nfs4setsecuritylabel function of the fs/nfs/nfs4proc.c module of the Linux operating system kernel is related to improper memory release before deleting the last link "memory leak". Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7366

A vulnerability in the f2fs component of the Linux operating system kernel involves improper error handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260112-7331

A vulnerability in the ext4xattrsetentry function of the fs/ext4/xattr.c module of the Ext4 file system of the Linux kernel is related to insufficient locking of a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7342

Vulnerability in the xlogrecoverprocessdata function in the fs/xfs/xfslogrecover.c module of the xfs file system of the Linux kernel is related to reading memory outside of the allocated buffer Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availabilit...

ROS-20260112-7306

A vulnerability in the gfs2putsuper function in the fs/gfs2/super.c module of the gfs2 file system of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7928-5 linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

CVE-2018-1000150

An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealmauthContext that allows attackers with local file system access to obtain a list of authorities for logged in users...

CVE-2018-4433

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, watchOS 5, iOS 12, tvOS 12, macOS Mojave 10.14. A malicious application may be able to modify protected parts of th...