3432 matches found
CVE-2022-50435 ext4: avoid crash when inline data creation follows DIO write
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4STATEMAYINLINEDATA flag. Thus when inode gets truncated later to say 1 byte and...
CVE-2025-39927
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating rparent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
UBUNTU-CVE-2025-39927
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating rparent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating rparent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating rparent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating rparent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927
CVE-2025-39927 is addressed in the Linux kernel via a Ceph client race fix. The issue occurred when validating r_parent before applying MDS replies, risking stale parent inode references and applying state changes to the wrong directory inode. The fix adds validation to ensure the cached parent i...
kernel: smb: client: fix use-after-free in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...
kernel: smb: client: fix use-after-free in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...
PT-2025-40120
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc8-00001-g31ba1e3b8305 Description The Linux kernel contained a flaw within the ext4 filesystem implementation. Specifically, a crash could occur when attempting to create inline data following a direct I...
kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
ALSA-2025:16904 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs: export anoninodemakesecureinode and fix secretmem LSM bypass CVE-2025-38396 kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: cifs: Fix the smbdrespons...
RHEL 10 : kernel (RHSA-2025:16904)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16904 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs: export...
PT-2025-46757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Squashfs file system where negative file sizes can be returned by the squashfs read inode function. This issue can lead to a warning in...
Linux Distros Unpatched Vulnerability : CVE-2025-39842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2deleteosb, ocfs2journalshutdown has already been executed in ocfs2dismountvolume...
Linux Distros Unpatched Vulnerability : CVE-2025-39884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struc...
SUSE CVE-2025-39884
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the root-inodes xarray. Specifically,...
CVE-2025-39884
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the root-inodes xarray. Specifically,...
UBUNTU-CVE-2025-39884
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the root-inodes xarray. Specifically,...
CVE-2025-39884
Mode C: The provided documents describe CVE-2025-39884 as a Linux kernel (btrfs) race where eviction and inode caching can lose a live btrfs_inode in root->inodes, breaking subvolume deletion. The root cause is a window in evict() between unhashed inode removal and xarray deletion, allowing a ...