CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

CVE-2025-71069

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

CVE-2025-71067

In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy blocksize before attempting to read the bootblock. The issue can...

UBUNTU-CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

CVE-2025-71065

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

CVE-2025-68784

In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchksetupxattrbuf function can allocate a new value buffer, which means that any reference to ab-value before the call could become a dangling pointer. Fix this by moving an assignment t...

CVE-2025-68772

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...

CVE-2025-68772

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...

UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

Windows NTFS Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

CVE-2025-71069 f2fs: invalidate dentry cache on failed whiteout creation

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

CVE-2025-68803 NFSD: NFSv4 file creation neglects setting ACL

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

CVE-2025-68796

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reported: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0 ------------ cut here ------------ kernel BUG at...

CVE-2025-68784

CVE-2025-68784 pertains to the Linux kernel (xfs). The issue is a use-after-free in xattr repair where xchk_setup_xattr_buf can allocate a new value buffer, potentially leaving ab->value references dangling. The fix moves the assignment to after the buffer setup, mitigating the dangling refere...

CVE-2025-68771

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list next free slot in the chain list is 0, triggring the...

CVE-2025-68772

The CVE-2025-68772 entry relates to the Linux kernel f2fs subsystem. The issue arises during writeback when compression context is updated for a possibly compressed file, leading to a race where i_cluster_size may be inconsistent (0 vs 4) and can trigger a divide-by-zero in f2fs_all_cluster_page_...

CVE-2025-68772 f2fs: fix to avoid updating compression context during writeback

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not assert that we found a block group item when creating a free space tree. Currently, when building a free space tree using populatefreespacetree, if the block group tree feature is not enabled, we always expect to fi...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: A infinite loop has been fixed in insertextenttree. When incorrect extent information is received, and extentnode is looked up in the RB tree, it can lead to an infinite loop CONFIGF2FSCHECKFS=n. To avoid this issue, a NULL...

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...