3436 matches found
kernel: NFSv4.2 fix problems with __nfs42_ssc_open
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...
kernel: gfs2: Always check inode size of inline inodes
In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed inline inodes is within the allowed range when reading inodes from disk gfs2dinodein. This prevents us from on-disk corruption. The two checks in...
kernel: writeback: avoid use-after-free after removing device
In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdiunregister gets called to stop further writeback and wait for associated delayed work to complete. However, wbinodewritebackend may schedule bandwid...
No title provided
REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4INODEHASXATTRSPACE macro in xattr.h...
kernel: ext4: use-after-free in ext4_xattr_set_entry()
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors...
PT-2025-41051
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc4-syzkaller-62821-gcb231e2f67ec Description The Linux kernel contains a flaw in the ext4 filesystem implementation. Specifically, the ext4 evict inode function accesses an uninitialized value, potentially...
PT-2025-25932 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel's handling of NFSv4.2, specifically with the nfs42 ssc open function. A problem arises when a destination server performs a COPY operation and accep...
AZL-26689 CVE-2023-2513 affecting package kernel for versions less than 5.15.112.1-1
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
DEBIAN-CVE-2023-2513
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
CVE-2023-2513
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
SUSE CVE-2023-2513
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
Important: kernel
Issue Overview: A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory i...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6032-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6032-1 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of- bounds write vulnerability. A local attacker coul...
OESA-2023-1209 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-23004 A use-after-free flaw w...
CVE-2020-11935
It was discovered that aufs improperly managed inode reference counts in the vfsubdentryopen method. A local attacker could use this vulnerability to cause a denial of service attack...
CVE-2020-11935
It was discovered that aufs improperly managed inode reference counts in the vfsubdentryopen method. A local attacker could use this vulnerability to cause a denial of service attack...
Buffer overflow
It was discovered that aufs improperly managed inode reference counts in the vfsubdentryopen method. A local attacker could use this vulnerability to cause a denial of service attack...
CVE-2020-11935
CVE-2020-11935 concerns the aufs filesystem implementation in the Linux kernel, where inode reference counts are improperly managed in the vfsub_dentry_open() method. This defect can allow a local attacker to trigger a denial-of-service condition. The connected documents consistently describe the...
CVE-2020-11935 aufs: improperly managed inode reference counts in the vfsub_dentry_open() method
It was discovered that aufs improperly managed inode reference counts in the vfsubdentryopen method. A local attacker could use this vulnerability to cause a denial of service attack...
CVE-2020-11935
Removed by vendor...