Lucene search
K

321 matches found

RedHat Linux
RedHat Linux
added 5 days ago5 views

kernel: gfs2: Fix use-after-free in iomap inline data write path

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

7.8CVSS6.6AI score0.0031EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.7 views

kernel: gfs2: Fix use-after-free in iomap inline data write path

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

7.8CVSS6.7AI score0.0031EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.13 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2026:2450-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2450-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263:...

9.8CVSS6.8AI score0.00563EPSS
Exploits10References260
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a deadlock issue when converting an inline directory in nojournal mode. In nojournal mode, ext4finishconvertinlinedir can cause a self-deadlock by calling ext4handledirtydirblock after having already taken the...

6AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Error checking was added to ext4extreplaysetiblocks. If the call to ext4mapblocks fails due to a corrupted file system, ext4extreplaysetiblocks may get stuck in an infinite loop. This issue can be reproduced by running...

5.5CVSS6.1AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c within the ext4 subsystem of the Linux kernel, as of version 5.13.13...

7CVSS6.6AI score0.00303EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Do not report a BUG when INLINEDATAFL lacks the system.data xattr attribute. A syzbot fuzed image triggered a BUG in ext4updateinlinedata, when an inode had the INLINEDATAFL flag set but lacked the system.data extended...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the bug in ext4writepages. We encountered the following issue: EXT4-fs error device loop0: ext4mbgeneratebuddy: 1141; group 0; block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls. ------------ Cut here -...

5.5CVSS5.6AI score0.00283EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with ID 00000000-0000-0000-0000-000000000000 without a journal. Quota mode: none. fscrypt: Uses...

5.5CVSS6.4AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid crashes when inline data creation occurs after DIO write When an inode is created and written using direct IO, there is no way to clear the EXT4STATEMAYINLINEDATA flag. As a result, when the inode is truncated to just...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where inline data checks might be performed during dio write operations has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if...

4.7CVSS5.8AI score0.00179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: A bug related to delayed allocation was fixed in ext4clumapped for bigalloc and inline scenarios. When converting files with inline data to extents, delayed allocations made on a file system created with both bigalloc and...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Added idatasem protection in ext4destroyInlinedatanolock Fixed a race condition between inline data destruction and block mapping. The function ext4destroyInlinedatanolock changes the inode data layout by clearing...

5.9AI score0.0018EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/03 9:15 p.m.13 views

Docling Core: Insufficient validation of image reference URIs

Impact In versions = 2.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible: - reject file: and data: image references from untrusted input - allow only approved local or remote image sources - apply input size and memory limits to processing workers References - Fix release: v2.74....

5.8AI score0.0004EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.12 views

SUSE CVE-2026-45943

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inline data read failure for ztailpacking pclusters Compressed folios for ztailpacking pclusters must be valid before adding these pclusters to I/O chains. Otherwise, zerofsdecompresspcluster may assume they are alread...

5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.10 views

SUSE CVE-2026-45984

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS5.9AI score0.0031EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2026/05/27 10:18 p.m.11 views

CVE-2026-45984

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

7.8CVSS5.9AI score0.0031EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32269

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

5.9AI score0.0031EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32227

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inline data read failure for ztailpacking pclusters Compressed folios for ztailpacking pclusters must be valid before adding these pclusters to I/O chains. Otherwise, zerofsdecompresspcluster may assume they are alread...

5.7AI score0.00125EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-45984

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS0.0031EPSS
Exploits0References13
Rows per page
Query Builder