CVE-2023-54098

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm minor's debugfs...

CVE-2025-68736

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that...

UBUNTU-CVE-2023-54127

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount after failed jfsremount Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slabfree mm/slub.c:3787 inline...

UBUNTU-CVE-2023-54124

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount if cperror is set xfstest generic/361 reports a bug as below: f2fsbugonsbi, sbi-fsyncnodenum; kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fsputsuper+0x3a8/0x3b0 Call Trace:...

UBUNTU-CVE-2022-50747

In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfsasc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds in...

CVE-2023-54130 hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling

In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARNON for sanity check, use proper error handling Commit 55d1cbbbb29e "hfs/hfsplus: use WARNON for sanity check" fixed a build warning by turning a comment into a WARNON, but it turns out that syzbot then...

CVE-2023-54127

CVE-2023-54127 describes a kernel-level double-free in JFS during unmount/remount paths. Affected code paths include dbUnmount() in fs/jfs/jfs_dmap.c and jfs_umount/jfs_put_super, with a KASAN slab_free/free hook triggering the double-free in mm/slub.c. The issue occurs after a failed jfs_remount...

CVE-2023-54127 fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount after failed jfsremount Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slabfree mm/slub.c:3787 inline...

CVE-2023-54124 f2fs: fix to drop all dirty pages during umount() if cp_error is set

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount if cperror is set xfstest generic/361 reports a bug as below: f2fsbugonsbi, sbi-fsyncnodenum; kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fsputsuper+0x3a8/0x3b0 Call Trace:...

CVE-2023-54098

CVE-2023-54098 affects the Linux kernel’s DRM/I915/GVT component. The issue occurs when destroying gvt debugfs: if the drm minor’s debugfs root is already removed (e.g., due to device removal/unbinding), intel_gvt_debugfs_clean() may operate on a dangling pointer, leading to a NULL pointer derefe...

CVE-2023-54099

CVE-2023-54099 relates to a race in Linux kernel remount handling where clearing SB_RDONLY to switch a filesystem from read-only to read-write could briefly allow userspace writes before the filesystem is fully ready. The issue is in the remount/reconfiguration path; the recommended fix is to tra...

CVE-2022-50753

CVE-2022-50753 affects the Linux kernel F2FS recovery paths. Public details in connected documents show a use-after-free in recover_data due to an SSA table corruption (ofs_in_node > ADDRS_PER_PAGE) leading to out-of-bounds access during mount for a fuzzed image. The patch adds sanity checks o...

EUVD-2025-205090

In the Linux kernel, the following vulnerability has been resolved: ocfs2: relax BUG to ocfs2error in ocfs2moveextent In 'ocfs2moveextent', relax 'BUG' to 'ocfs2error' just to avoid crashing the whole kernel due to a filesystem corruption...

EUVD-2025-205093

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

CVE-2023-54067 btrfs: fix race when deleting free space root from the dirty cow roots list

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fsinfo-dirtycowonlyroots without taking the lock that protects it,...

CVE-2025-68736 landlock: Fix handling of disconnected directories

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that...

CVE-2025-68361

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

CVE-2025-68364

In the Linux kernel, the following vulnerability has been resolved: ocfs2: relax BUG to ocfs2error in ocfs2moveextent In 'ocfs2moveextent', relax 'BUG' to 'ocfs2error' just to avoid crashing the whole kernel due to a filesystem corruption...

AZL-73105 CVE-2025-68356 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

UBUNTU-CVE-2025-68361

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...