Linux Distros Unpatched Vulnerability : CVE-2026-43076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validat...

EUVD-2026-27365

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066 ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

PT-2026-37069

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the ext4 file system within the ext4 fc replay inode function. The function calls ext4 get fc inode loc to obtain the inode location, which creates a reference to...

Linux Distros Unpatched Vulnerability : CVE-2026-43066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode locatio...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jfs: Prevent copying of nlink with a value of 0 from the disk inode. syzbot reported a deadlock in diFree. 1 When calling “ioctl$LOOPSETSTATUS64”, the offset value passed in is 4, which does not match the mounted loop device...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The release path is checked before inode lookup during the ino lookup ioctl operation. During the ino lookup ioctl operation, we may call btrfsiget to obtain an inode reference while we are holding onto the root’s btree...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: capabilities: A potential memory leak was fixed in the error path of vfsgetxattralloc. In capinodegetsecurity, we use vfsgetxattralloc to complete the memory allocation of tmpbuf. If we have completed the memory allocation of...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an out-of-bound read in ext4xattrinodedecrefall. The issue is as follows: BUG: KASAN: Use-after-free in ext4xattr inodedecrefall+0x6ff/0x790. A read of size 4 was performed at address ffff88807b003000 by the task...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed OOB read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== Bug: KASAN: slab-out-of-bounds in hfsstrcmp+0x117/0x190 fs/hfs/string.c:84 A read of size 1...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Fuse: Fix for the deadlock caused by reclaimeduring. The commit e26ee4efbc79 “Fuse: Allocate ff-releaseargs only if release is needed” avoids allocating ff-releaseargs if the server does not implement open. However, in doing so,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Mitigation of the issue where the EA inode refcount may underflow during xattr updates. Syzkaller identified a path in the ext4xattrinodeupdateref function where the refcount of EA inodes is checked. If the refcount is...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after conversion from inline format. The commit 6dbf7bb55598 “fs: Do not invalidate page buffers in blockwritefullpage” uncovered a latent bug in the conversion from inline inode format to a normal...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The inode is marked as “bad” as soon as an error is detected using the mienumattr function. The interface of the miEnumAttr function was extended by adding an additional parameter, struct ntfsinode ni. This allows the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a use-after-free of nilfsroot during the process of dirtying inodes via iput. During the unmount process of nilfs2, nothing holds the nilfsroot structure after nilfsdetachlogwriter releases it. Previously, nilfsevic...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the issue where idisksize could exceed isize in partially written cases. It is possible for idisksize to exceed isize, triggering a warning. The code includes the following steps: - genericperformwrite: Copied =...