CVE-2025-71309 fs/ntfs3: fix deadlock in ni_read_folio_cmpr

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...

CVE-2025-71309

CVE-2025-71309 describes a deadlock in the Linux kernel ntfs3 code where an inode mutex (ni_lock) and per-page locks can invert order, causing a hang in ntfs_read_folio() / ni_read_folio_cmpr() during frame reads. The root cause is locking order: taking ni_lock in ntfs_read_folio() before acquiri...

kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

Linux Distros Unpatched Vulnerability : CVE-2026-46040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls...

CVE-2026-46040

inotify: fix watch count leak when fsnotifyaddinodemarklocked fails...

PT-2026-43913

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak occurs in the ext4 filesystem when block csum is false. This happens because the function ext4 xattr inode dec ref all calls ext4 get inode loc to obtain iloc.bh but fail...

RHEL 9 : kernel (RHSA-2026:21209)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21209 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode...

PT-2026-43692

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in ni read folio cmpr Syzbot reported a task hung in ni readpage cmpr now ni read folio cmpr. This is caused by a lock inversion deadlock involving the inode mutex ni lock and page locks. Scenario: 1. Task ...

PT-2026-43947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ocfs2 module where direct I/O DIO operations can lead to credit exhaustion in JBD2 Journaling Block Device, resulting in system warnings. This occurs during the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function ext4xattr inodedecrefall not releasing iloc.bh properly, resulting in a leak of the...

CVE-2026-46046

ext4: fix missing brelse in ext4xattrinodedecrefall...

PT-2026-43869

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext2 filesystem where the ext2 iget function fails to reject inodes that have a link count i nlink of zero while maintaining a valid mode and a zero deletion time ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nireadfoliocmpr function in the ntfs3 file system. This function involves deadlocks due to lo...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the rmdir operation in the FAT file system does not check the inlink value of the...

Linux Distros Unpatched Vulnerability : CVE-2026-45915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exis...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the fsnotifyadd inodemarklocked function in inotifynewwatch, where the monitoring...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext2iget function failing to properly reject inodes where inlink is zero, imode is non-zero,...

PT-2026-43782

In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect i nlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls drop nlinkdir and can drive i...

PT-2026-43907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A watch count leak occurs in the inotify system when the fsnotify add inode mark locked function fails within inotify new watch. In this scenario, the error path executes inotify remove...

kernel: proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...