3432 matches found
UBUNTU-CVE-2025-38578
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...
UBUNTU-CVE-2025-38615
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
UBUNTU-CVE-2025-38577
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
CVE-2025-38615
CVE-2025-38615 affects the Linux kernel NTFS3 file system (fs/ntfs3). The vulnerability arises when renaming a file on an NTFS3 volume with a corrupted i_link, where make_bad_inode() is invoked on a live inode. This can lead to the inode being treated as bad while it remains in icache, and a race...
CVE-2025-38615
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
CVE-2025-38580
The CVE-2025-38580 entry concerns a Linux kernel ext4 use-after-free in ext4_end_io_rsv_work(). The fix adds a check in ext4_io_end_defer_completion() to ensure io_end->list_vec is empty before adding to i_rsv_conversion_list, preventing starting an unnecessary worker. It also adds ext4_emerge...
CVE-2025-38580 ext4: fix inode use after free in ext4_end_io_rsv_work()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38580
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38580 ext4: fix inode use after free in ext4_end_io_rsv_work()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38578
CVE-2025-38578 is a Linux kernel vulnerability related to f2fs use-after-free in f2fs_sync_inode_meta, as discussed in the initial description. The issue arises in the writeback path via f2fs_inode_synced/update_inode/write_inode, leading to a use-after-free condition detected by KASAN. A fix has...
CVE-2025-38578 f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...
CVE-2025-38578 f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...
CVE-2025-38578
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...
CVE-2025-38577 f2fs: fix to avoid panic in f2fs_evict_inode
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38577
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38577 f2fs: fix to avoid panic in f2fs_evict_inode
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38577
CVE-2025-38577 : In the Linux kernel, a use-after-free in the f2fs code path can trigger during inode eviction/writeback. The provided trace shows a KASAN use-after-free in __list_del_entry_valid() while f2fs_inode_synced → f2fs_update_inode → f2fs_write_inode, culminating in a crash during check...
PT-2025-33778 · Ext4 +1 · Ext4 +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the ext4 filesystem implementation. Specifically, a use-after-free issue can occur in the ext4 end io rsv work function. This is due to...