17761 matches found
CVE-2025-38659 gfs2: No more self recovery
In the Linux kernel, the following vulnerability has been resolved: gfs2: No more self recovery When a node withdraws and it turns out that it is the only node that has the filesystem mounted, gfs2 currently tries to replay the local journal to bring the filesystem back into a consistent state. N...
CVE-2025-38652 f2fs: fix to avoid out-of-boundary access in devs.path
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
CVE-2025-38652
CVE-2025-38652: In the Linux kernel, a f2fs path handling bug can cause out-of-bounds access when constructing devs.path for a device, due to sbi->devs.path[] not leaving space for the trailing null terminator. Root cause: device path storage (path[MAX_PATH_LEN]) can be fully filled, causing p...
CVE-2025-38652 f2fs: fix to avoid out-of-boundary access in devs.path
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
CVE-2025-38627
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
CVE-2025-38626
CVE-2025-38626 affects the Linux kernel with the F2FS file system in foreground log-structured (lfs) mode. The issue arises in f2fs_map_blocks() where allocations can trigger block allocations aggressively under parallel aio/dio/bufio workloads, potentially exhausting space and causing a system p...
CVE-2025-38626 f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fsmapblocks in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace:...
CVE-2025-38626 f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fsmapblocks in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace:...
USN-7711-1 linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unvalidated file type that could result in a file system error...
USN-7703-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-3 linux-oracle, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7704-4: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7704-4 linux-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-54460
The CVE-2025-54460 entry corresponds to AVEVA PI Integrator and describes an authenticated user with privileges to create or access publication targets (Text File or HDFS) being able to upload and persist files that could be executed. Connected sources corroborate an unrestricted upload of a dang...
CVE-2025-54460 AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
f2fs: fix to bail out in get_new_segment()
...
PT-2025-34294 · Apache · Hdfs
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability could allow an authenticated attacker with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be...