235 matches found
USN-7906-2: Linux kernel (GCP) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...
f2fs: zone: fix to avoid inconsistence in between SIT and SSA
...
f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data
...
CVE-2025-40150
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...
CVE-2025-40138
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
Siemens SIMATIC S7-1500 Deadlock (CVE-2024-27032)
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...
EUVD-2025-124945
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
CVE-2025-40138
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
UBUNTU-CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
CVE-2025-40138
Summary: CVE-2025-40138 affects the Linux kernel f2fs quota maintenance path. The issue is a NULL pointer dereference in f2fs_check_quota_consistency(), triggered by unsafe handling before comparing old_qname/new_qname pointers during remount/quotacheck flows. The bug’s direct cause is a potentia...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989799)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989799 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988914)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988914 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989219)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989219 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989419)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989419 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this:...
f2fs: fix to avoid overflow while left shift operation
...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2021-44879)
In gcdatasegment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a movedatapage NULL pointer dereference. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
CVE-2025-40077
CVE-2025-40077 is a Linux kernel/FP (F2FS) related fix: the issue was an overflow risk during a left shift involving folio->index. The described root cause is casting folio->index from pgoff_t to loff_t to prevent overflow, with the correction implemented in f2fs code paths. The connected O...
Linux Distros Unpatched Vulnerability : CVE-2025-40077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid overflow while left shift operation Should cast type of folio-index from pgofft to lofft to avoid overflow while left shift operation...
PT-2026-2504
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0 Description The Linux kernel contains a flaw within the f2fs file system related to handling compression contexts during writeback operations. A race condition can occur when a file is being fsynced, its...
f2fs: fix to account dirty data in __get_secs_required()
...