CVE-2023-53323 ext2/dax: Fix ext2_setsize when len is page aligned

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

CVE-2023-53317

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...

CVE-2023-53317 ext4: fix WARNING in mb_find_extent

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...

CVE-2023-53317

CVE-2023-53317 is a Linux kernel vulnerability in the ext4 subsystem, specifically the mb_find_extent path. The provided description shows a fix for a WARNING triggered in mb_find_extent and associated traces involving ext4_mb_complex_scan_group and ext4_ext_map_blocks, indicating a misbehavior i...

CVE-2023-53317 ext4: fix WARNING in mb_find_extent

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...

CVE-2022-50344 ext4: fix null-ptr-deref in ext4_write_info

In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4writeinfo I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range 0x0000000000000068-0x000000000000006f CPU: 1 PI...

CVE-2023-53295

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

CVE-2023-53270

In the Linux kernel, the following vulnerability has been resolved: ext4: fix idisksize exceeding isize problem in paritally written case It is possible for idisksize can exceed isize, triggering a warning. genericperformwrite copied = iovitercopyfromuseratomiclen // copied idisksize, newsize //...

UBUNTU-CVE-2023-53285

In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file syste...

CVE-2023-53301 f2fs: fix kernel crash due to null io->bio

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix kernel crash due to null io-bio We should return when io-bio is null before doing anything. Otherwise, panic. BUG: kernel NULL pointer dereference, address: 0000000000000010 RIP: 0010:submitmergedwritecond+0x164/0x240...

CVE-2023-53301

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix kernel crash due to null io-bio We should return when io-bio is null before doing anything. Otherwise, panic. BUG: kernel NULL pointer dereference, address: 0000000000000010 RIP: 0010:submitmergedwritecond+0x164/0x240...

CVE-2023-53292 blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone After grabbing q-sysfslock, q-elevator may become NULL because of elevator switch. Fix the NULL dereference on q-elevator by checking it with lock...

CVE-2023-53265 ubi: ensure that VID header offset + VID header size <= alloc, size

In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x85/0xad lib/dumpstack.c:106 printaddressdescription mm/kasan/report.c:317 inline printreport.cold.13+0xb6/0x6bb...

NFS: Fix the setting of capabilities when automounting a new filesystem

...

PT-2025-37906

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the f2fs subsystem. A null pointer dereference in the submit merged write cond function can lead to a kernel crash when io-bio is null. This...

PT-2025-38035

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.2.0-rc1-syzkaller Description: The Linux kernel contains a flaw within the ext4 filesystem related to block bitmap validation. Specifically, the mb find extent function may trigger a warning due to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the fs/ntfs3 module not properly handling null pointers when generating attrlist, which could lead to null...

Linux Distros Unpatched Vulnerability : CVE-2023-53260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from the reuse of the nilfsroot structure in the nilfs2 filesystem after it has been freed during an iput...

Linux Distros Unpatched Vulnerability : CVE-2022-50335

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is new...