SUSE CVE-2023-53149

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4writepages calls to avoid races with switching of journalled data flag or inode format. This lock can however cause a deadlock...

SUSE CVE-2023-53348

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

Docker Image Persistence

This module maintains persistence on a host by creating a docker image which runs our payload, and has access to the host's file system /host in the container. Whenever the container restarts, the payload will run, or when the payload dies the executable will run again after a delay. This will...

CVE-2025-59341 Local File Inclusion in esm.sh

esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a Local File Inclusion LFI issue was identified in the esm.sh service URL handling. An attacker could craft a request that causes the server to read and return files from the host filesystem or other...

CVE-2025-59341

CVE-2025-59341 is evidenced by the connected document: nuclei template describing esm.sh

CVE-2023-53348

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

CVE-2023-53337 nilfs2: do not write dirty data after degenerating to read-only

In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, markbufferdirty called from nilfssegctordoconstruct outputs a warning with some patterns after nilfs2 detects metadata corruption and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an attempt to write dirty data even after the file system has been downgraded to read-only mode, which...

PT-2025-38187

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the nilfs2 file system where dirty data might be written to after the file system has degraded to read-only mode. This occurs because mark buffe...

Linux Distros Unpatched Vulnerability : CVE-2022-50277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal ino...

PT-2025-49444

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the USB gadget f fs functionality. Specifically, a NULL pointer dereference can occur in the ffs func eps enable function when accessing epfile-ep after a...

Linux Distros Unpatched Vulnerability : CVE-2023-53262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition in the fs dlm component that could lead to a null pointer dereference...

SUSE CVE-2023-53317

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...

DEBIAN-CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

CVE-2023-53317

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...

CVE-2022-50344

In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4writeinfo I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range 0x0000000000000068-0x000000000000006f CPU: 1 PI...

DEBIAN-CVE-2022-50341

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

UBUNTU-CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...