483 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: hfsplus: The issue of missing hfsbnodeget in hfsbnodecreate has been fixed. When sync and link are called concurrently, both threads may enter hfsbnodefind, but fail to find the node in the hash table. As a result, they proceed t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: hfs/hfsplus: Avoid using WARNON for sanity checks; instead, use proper error handling. The commit 55d1cbbbb29e “hfs/hfsplus: Use WARNON for sanity checks” fixed a build warning by converting a comment into a WARNON call...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free flaw was discovered in hfsplusputsuper in fs/hfsplus/super.c within the Linux kernel. This flaw could allow a local user to cause a denial of service problem...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed the KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported an issue in hfsplusdeletecat: 70.682285 T9333=========================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hfsplus: Ensure that sb-sfsinfo is always cleaned up. When hfsplus was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevented corruption during the shrinking of truncate operations. I believe there are some issues introduced by commit 31651c607151 “hfsplus: avoided deadlock during file truncation”. HFS+ uses extent records, which alwa...
SUSE CVE-2026-46299
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
Linux Distros Unpatched Vulnerability : CVE-2026-46299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the...
CVE-2026-46299
A flaw was found in the hfsplus filesystem component of the Linux kernel. An issue exists in the hfsplusfillsuper function where a lock is not properly released during an error handling path. This can occur when certain conditions cause hfspluscatbuildkey to fail during filesystem initialization....
CVE-2026-46299
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
UBUNTU-CVE-2026-46299
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
CVE-2026-46299 hfsplus: fix held lock freed on hfsplus_fill_super()
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
CVE-2026-46299
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
CVE-2026-46299
CVE-2026-46299 (Linux kernel) affects the hfsplus filesystem during mount. hfsplus_fill_super() calls hfs_find_init() to initialize a search structure, which grabs tree->tree_lock. If hfsplus_cat_build_key() fails, control jumps to out_put_root without releasing the lock, causing a later clean...
EUVD-2026-35165
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper lock release in the hfsplusfillsuper function. This could lead to the release of already...
SUSE CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
Linux Distros Unpatched Vulnerability : CVE-2026-46169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread...
CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...
UBUNTU-CVE-2026-46169
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...