105 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed a UAF in dbFreeBits Reported by syzbot ERROR: KASAN: Slab-use-after-free in mutexlockcommon kernel/locking/mutex.c:587 inline ERROR: KASAN: Slab-use-after-free in mutexlock+0xfe/0xd70 kernel/locking/mutex.c:752 Read...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an invalid free of JFSIPipimap-iimap in diUnmount syzbot detected an invalid-free in diUnmount: BUG: KASAN: double-free in slabfree mm/slub.c:3661 inline BUG: KASAN: double-free in kmemcachefree+0x71/0x110 mm/slub.c:36...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: added a check to prevent array-index-out-of-bounds in dbAdjTree. When the value of lp is 0 at the beginning of the for loop, it will become negative during the next assignment, and we should take appropriate measures to avoi...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: jfs: Check whether leafidx is greater than the number of leaves per dmap tree. A out-of-bounds error was reported in dbSplit; this occurs when dmtleafidx is greater than the number of leaves per dmap tree. A check for dmtleafidx...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: Truncating of good inode pages occurs when the hard link is 0. The value of the fileset for the inode copy from the disk by the reproducer is AGGRRESERVEDI. When evicting, its hard link number is 0, so its inode pages are no...
CVE-2025-71292
A flaw was found in the Linux kernel's Journaled File System JFS. This vulnerability occurs when a directory's link count nlink reaches its maximum value and a rename operation is performed on a child directory. This can cause the link count to wrap around, leading to an nlink overflow. The...
EUVD-2025-209683
In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...
CVE-2025-71292
In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Prevent copying of nlink with a value of 0 from the disk inode. syzbot reported a deadlock in diFree. 1 When calling “ioctl$LOOPSETSTATUS64”, the offset value passed in is 4, which does not match the mounted loop device...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfsreaddir The stbl might contain some invalid values. Added a check to return error code in that case...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadat...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved by checking if the...
Astra Linux - уязвимость в linux-5.10, linux
A NULL pointer dereference flaw exists in the diFree function in the fs/jfs/inode.c file of the Journaled File System JFS in the Linux kernel. This flaw could allow a local attacker to crash the system or leak internal kernel information...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013084)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013084 advisory. In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007540)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007540 advisory. In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only...
ROS-20260126-73-0032
A vulnerability in the eaget function of the fs/jfs/xattr.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992868)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992868 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992294 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...
CVE-2025-68168
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...