3383 matches found
DEBIAN-CVE-2026-42497
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...
UBUNTU-CVE-2026-42497
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...
CVE-2026-42497
Archive::Tar for Perl versions before 3.08 contains a path traversal via hardlinks: _make_special_file() passes the tar header linkname to link() without validating absolute paths or .. segments, allowing a hardlink to attacker-controlled targets outside the extraction directory. A follow-up writ...
EUVD-2026-31777
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...
CVE-2026-42497
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...
PT-2026-43163
Name of the Vulnerable Software and Affected Versions Archive::Tar versions prior to 3.08 Description Archive::Tar for Perl allows the extraction of hardlinks to attacker-controlled paths outside the intended extraction directory. The function make special file passes the tar header's linkname to...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not drop the extentmap for the inode of free space during a write error. While running the CI for an unrelated change, I encountered the following panic: with generic/648 on btrfsholesspacecache. The assertion failed:...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not create EA inodes under the buffer lock The ext4xattrsetentry function creates new EA inodes while holding the buffer lock on the external xattr block. This is problematic because all allocation-related locking...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the sanity check on ino and xnid. syzbot reported a f2fs bug as follows: INFO: Task syz-executor140:5308 was blocked for more than 143 seconds. Not tainted. 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 “echo 0...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb3: Fixed temporary data corruption during the insert operation. The insert operation does not discard the affected cached data; therefore, there is a risk of temporarily corrupting file data. Some minor optimizations were...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ceph: Messages from the MDS will be dropped when unmounting. When unmounting, all dirty buffers will be flushed. After the last OSD request is completed, the last reference to icount will be released. Then, the dirty cap/snap...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: Synchronize atomic write aborts To address the race condition between atomic write aborts, I use the inode lock and ensure that the COW inode can be reused throughout the entire lifetime of the atomic file inode...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will invoke the dotruncate routine, resulting in an uninitialized runlock error reported by syzbo...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as follows: ------------ cut here --- UBSAN: Array-index out-of-bounds in fs/f2fs/node.h:381:10 Index 18446744073709550692 is out ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a lockup issue caused by a race condition between inode eviction and inode caching. This race condition could cause the struct btrfsinode structure to be missing from the root-inodes xarray. Specifically, there is...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix an issue where overflowing extents beyond the inode size occurs during partial writing. The daxiomaprw function does two things in each iteration: it maps the written blocks and copies user data to those blocks. If...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: “fs/ntfs3: Replace inodetrylock with inodelock” This change is reflected in commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, the conditional lock acquisition was removed to fix a bug in xfstest that was observed during...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed a use-after-free in bindersfsevict inode. When running stress-ng --binderfs 16 --timeout 300 under the KASAN-enabled kernel, the following issues were observed: BUG: KASAN: Slab-use-after-free in bindersfsevict...