CVE-2026-43075

The CVE-2026-43075 issue affects the Linux kernel’s ocfs2 filesystem code. A corrupted ocfs2 filesystem mounted on a loop device could trigger an out-of-bounds write in ocfs2_write_end_inline during a copy_file_range splice fallback, caused by trusting on-disk id_count to fit inline data. The roo...

PT-2026-37454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fs/ntfs3 component where errors occurring during the attr set size function call are silently ignored when truncating files down. This can lead to the inode being...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation of the inline data isize when reading inode values. This vulnerability may...

PT-2026-37385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the ocfs2 write end inline function. The issue occurs because ocfs2 try to write inline data relies on the on-disk id count field to determine if a write...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds write operation in the ocfs2writeendinline function. This vulnerability may lead...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect update of isize when logging replay is performed. This issue may lead to inode with...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ntfs3 file system’s failure to handle the attrsetsize function error when truncating files,...

PT-2026-37386

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the ocfs2 validate inode block function fails to validate the size of inline data when reading an inode from disk. In cases of filesystem...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from calling iomapfiemap within the gfs2fiemap function when the inode glock is held. This can lead to...

Linux Distros Unpatched Vulnerability : CVE-2025-71289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: handle attrsetsize errors when truncating files If attrsetsize fails while truncating down, the error is silently ignored and the inode may be left in...

PT-2026-37428

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Btrfs file system where an inode may retain a non-zero size after log replay, even if it was truncated to zero. This occurs because when logging that an inode exis...

Linux Distros Unpatched Vulnerability : CVE-2026-43118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a...

PT-2026-37427

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash can occur in the Linux kernel when using overlay on top of btrfs. This happens because the btrfs sync file function incorrectly references the superblock from the dentry, which...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of a special inode in hfsplus as of the SIFREG type, potentially leading to...

Linux Distros Unpatched Vulnerability : CVE-2026-43075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock...

Linux Distros Unpatched Vulnerability : CVE-2026-43076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validat...

EUVD-2026-27365

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066 ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...