CVE-2026-45858 ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

SUSE CVE-2025-22240

Arbitrary directory creation or file deletion. In the findfile method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgtenv” variable. This can be exploited by an attacker to delete any file on the Master's process has permissions to...

PT-2026-43827

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count inconsistency occurs in the hfsplus module when the hfs bnode create function identifies that a node is already hashed. Instead of incrementing the reference count, the...

CVE-2026-45948

ext4: fix memory leak in ext4extshiftextents...

CVE-2026-45864

fs/ntfs3: prevent infinite loops caused by the next valid being the same...

PT-2026-44112

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description An issue exists in the hardware authentication system for Linux where shell injection can occur. A crafted UUID in the configuration can lead to root remote code execution when the pamusb-conf...

PT-2026-43968

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A refcount leak occurs in the AFS Andrew File System implementation within the Linux kernel. This happens because the .mmap...

CVE-2026-45920

ext4: fix dirtyclusters double decrement on fs shutdown...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of the EXT4GETBLOCKSCONVERT flag when ext4 divides a partition without...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from discontinuous gaps during block allocation in btrfs. This issue causes an EEXIST error in the...

PT-2026-43809

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ext4 file system between page migration and bitmap modification during mixed huge-page workloads. The issue occurs because the fast path of the load buddy...

PT-2026-43921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The SELinux security model for overlayfs allows access if the current task can access the top-level user file and the mounter's credentials are sufficient for the lower-level backing fil...

PT-2026-43876

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-ntb component. The function epf ntb epc destroy performs...

PT-2026-44147

GM-374 Summary Multiple locations in Pimcore v11 call PHP's unserialize on data from database columns and filesystem files without the allowed classes restriction, enabling object injection if an attacker can control the serialized data source. Affected Component - Package: pimcore/pimcore and...

CVE-2026-46002

ext2: reject inodes with zero inlink and valid mode in ext2iget...

PT-2026-43787

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where a double decrement of the dirty clusters counter occurs during file system shutdown. This happens in the error path between the ext4 mb mark...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the DeleteIndexEntryRoot function in fs/ntfs3. This function fails to perform sufficient boundary...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hfsbnodecreate function in the hfsplus file system. This function returns a node when it...

PT-2026-43869

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext2 filesystem where the ext2 iget function fails to reject inodes that have a link count i nlink of zero while maintaining a valid mode and a zero deletion time ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nireadfoliocmpr function in the ntfs3 file system. This function involves deadlocks due to lo...