kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

The vulnerability in the fs/f2fs/inode.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the fs/f2fs/inode.c module of the Linux operating system is related to mutual locking of execution threads. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-35974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where a maliciously fuzzed file system can trigger a BUG ON in the ext4 update inline data function when an inode has the INLINE DATA FL flag set but is...

PT-2025-35350

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's f2fs implementation related to out-of-boundary access in dnode pages. The issue stems from a corrupted image where a dnode shares a node ID with its...

kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

kernel: ext4: ignore xattrs past end

A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4xattrinodedecrefall function related to the ext4 filesystem's extended attributes. An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service...

kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()

...

jfs: Fix uninit-value access of imap allocated in the diMount() function

...

jfs: Prevent copying of nlink with value 0 from disk inode

...

SUSE CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

AZL-72838 CVE-2025-38347 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

AZL-64928 CVE-2025-38347 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

DEBIAN-CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

UBUNTU-CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

CVE-2025-38347

CVE-2025-38347 is tied to a Linux kernel issue in the F2FS file system. The description details a deadlock scenario during mknod in a corrupted directory, caused by locking the directory inode page twice while processing ACL/xattrs. The root cause is a mismatch between inode number and xattr inod...

CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...