Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: NFS: Do not corrupt the value of pgbyteswritten in nfsdorecoalesce The value of mirror-pgbyteswritten should only be updated after a successful attempt to flush out the requests on the list...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Make sure that WRITTEN is set on all metadata blocks. Previously, we would call btrfscheckleaf if the checkIntegrity code was enabled. This meant that we could only perform extended leaf checks if WRITTEN was set on the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed a cred reference leak in nfsdnlthreadssetdoit. syzbot reported a memory leak of the struct cred object. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called afterward. The cred is...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is pointless and harmful. revert to using checkforlocks, changing it to not sleep. Firstly, it’s harmful. As documented in the kdoc comment for...

Astra Linux – Vulnerability in ntfs-3g

NTFS-3G versions prior to 2021.8.22 may experience a heap buffer overflow when a specially crafted NTFS attribute is set up using the function ntfsattrsetupflag. This could allow code execution and an escalation of privileges...

Astra Linux – Vulnerability in ntfs-3g

A properly crafted NTFS image can cause a heap-based buffer overflow in the ntfsmftrecalloc function within NTFS-3G from version 2021.8.22 onwards...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in qemu. A host privilege escalation issue was identified in the virtio-fs shared file system daemon, where a privileged guest user is able to create a device-specific special file in the shared directory and use it to gain read/write access to host devices...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstructing the file type when loading from disk syzbot reports that the SIFMT bits of the inode-imode field can become invalid when: 1. The 32-bit “mode” field loaded from disk is corrupted; 2. The 32-bit “attributes”...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential UAF Use-After-Free error in struct nilfsscinfo can be prevented in nilfssegctorthread. The finalization of nilfssegctorthread may race with nilfssegctorkillthread, which terminates that thread. This could...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a underflow issue in parseserverinterfaces. In this loop, we iterate through the buffer. After processing each item, we check whether the sizeleft is greater than the minimum size required. However, the problem arises...

f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()

...

Linux Distros Unpatched Vulnerability : CVE-2026-43053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child...

Linux Distros Unpatched Vulnerability : CVE-2026-31714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm syz.0.23...

JeecgBoot 安全漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier contain security vulnerabilities. These vulnerabilities stem from an unknown feature in the FillRuleUtil component, specifically the...

CVE-2026-31715

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...

CVE-2026-31714

A flaw was found in the Linux kernel's F2FS Flash-Friendly File System component. This vulnerability, a memory leak, occurs within the f2fsrename function. A local attacker could exploit this by repeatedly performing file rename operations, leading to a gradual consumption of system memory. Over...

CVE-2026-31702

A flaw was found in the Linux kernel's F2FS Flash-Friendly File System component. A use-after-free vulnerability exists in the f2fscompresswriteendio function. This flaw is caused by a race condition during the compressed writeback completion path, where the system attempts to access memory that...

CVE-2026-43053

In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...

CVE-2026-31693

A flaw was found in the Linux kernel's Common Internet File System cifs component. This vulnerability occurs when certain local variables are not properly reinitialized during the replay of a request. This oversight can lead to unexpected system behavior or instability, potentially resulting in a...

CVE-2026-31716

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec-used in journal-replay file record check checkfilerecord validates rec-total against the record size but never validates rec-used. The doaction journal-replay handlers read rec-used from disk and use it to...