Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds Read in dtSearch Currently, when searching for the current page in the sorted entry table of the page, there is an out-of-bound access. A bound check has been added to fix this error. Dave: Set the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify the inode mode when loading from disk. The inode mode loaded from a corrupted disk may be invalid. Do as described in the commit 0a9e74051313 “isofs: Verify the inode mode when loading from disk”...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the nlink function of the jfs file system’s jfsrename function. This vulnerability may...

Astra Linux - уязвимость в linux

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well a...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp-dbagl2size. The field can be greater than 64 and trigger the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: added a sanity check for agwidth in dbMount. When the width of the AG in dmapctl is zero, a divide error occurs when calculating the control page level in dbAllocAG. To avoid this issue, a check for agwidth was added in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007559 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev Syzkaller reported the following...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005537)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005537 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992780 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...

CVE-2023-54127

CVE-2023-54127 describes a kernel-level double-free in JFS during unmount/remount paths. Affected code paths include dbUnmount() in fs/jfs/jfs_dmap.c and jfs_umount/jfs_put_super, with a KASAN slab_free/free hook triggering the double-free in mm/slub.c. The issue occurs after a failed jfs_remount...

CVE-2023-54127 fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount after failed jfsremount Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slabfree mm/slub.c:3787 inline...

USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

EUVD-2025-203728

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

UBUNTU-CVE-2025-68168

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

CVE-2023-53766

In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref...

CVE-2023-53766

CVE-2023-53766 relates to the Linux kernel, specifically the JFS filesystem. A patch adds a check in txBegin to verify a read-only mounted filesystem before starting a transaction, potentially preventing a NULL pointer dereference. The remediation is a kernel patch (Linux kernel, JFS code path) t...

CVE-2025-40312 jfs: Verify inode mode when loading from disk

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

USN-7911-1 linux vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SCSI subsystem; - JFS file system; CVE-2023-52975, CVE-2024-56596...