CVE-2025-38220

CVE-2025-38220 affects the Linux kernel ext4 subsystem. The vulnerability occurs when processing an orphan-list symlink inode during truncation; partial block zeroing calls ext4_dirty_journalled_data() which invokes folio_mark_dirty() via mapping->a_ops->dirty_folio(), but symlink inodes la...

CVE-2025-38220 ext4: only dirty folios when data journaling regular files

In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace:...

UBUNTU-CVE-2025-38176

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfsevictinode Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfsevictinode+0x1de/0x2d0 Write of...

CVE-2025-38176 binder: fix use-after-free in binderfs_evict_inode()

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfsevictinode Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfsevictinode+0x1de/0x2d0 Write of...

PT-2025-36415

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16-rc1 Description A flaw was addressed in the Linux kernel related to a reversion of a commit that replaced inode trylock with inode lock in the NTFS3 file system. The initial removal of conditional lock...

PT-2025-27994

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved, which prevented a kernel warning due to a negative i nlink from a corrupted image. The issue was related to the f2fs file...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a kernel bug triggered when encrypted inode file sizes are not aligned...

PT-2025-27995

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, which can cause a kernel NULL pointer dereference when processing a symlink inode from the orphan list. This issue arises due t...

PT-2025-27897

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A use-after-free issue has been identified in the Linux kernel, specifically in the binderfs evict inode function. This issue can be triggered by running a stress-ng workload with...

The vulnerability in the `fs/tracefs/event inode.c` component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the fs/tracefs/event inode.c component in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

AZL-64574 CVE-2025-38163 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sbi-totalvalidblockcount syzbot reported a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/f2fs.h:2521! RIP: 0010:decvalidblockcount+0x3b2/0x3c0 fs/f2fs/f2fs.h:2521 Call...

kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

kernel: ext4: ignore xattrs past end

A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4xattrinodedecrefall function related to the ext4 filesystem's extended attributes. An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service...

CVE-2022-50082

In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4iomapbegin as race between bmap and write We got issue as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...

CVE-2022-50083

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4INODEHASXATTRSPACE macro in xattr.h...

CLSA-2025-1750353839 kernel: Fix of 6 CVEs

pfifotailenqueue: Drop new packet when sch-limit == 0 CVE-2025-21702 - xfs: add bounds checking to xlogrecoverprocessdata CVE-2024-41014 - netfilter: validate user input for expected length CVE-2024-35896 - nfs: fix UAF in direct writes CVE-2024-26958 - Squashfs: check the inode number is not the...

SUSE CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

SUSE CVE-2022-50009

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fsgetdnodeofdata There is issue as follows when test f2fs atomic write: F2FS-fs loop0: Can't find valid F2FS filesystem in 2th superblock F2FS-fs loop0: invalid crcoffset: 0 F2FS-fs loop0:...

SUSE CVE-2022-50082

In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4iomapbegin as race between bmap and write We got issue as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...

SUSE CVE-2022-50205

In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes pe...