108 matches found
OESA-2025-1462 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfstruncatenolock Added a check for "read-only" mode in the jfstruncatenolock function to avoid errors related to...
jfs: fix slab-out-of-bounds read in ea_get()
...
SUSE CVE-2025-37740
In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...
DEBIAN-CVE-2025-37741
In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. 1 When calling "ioctl$LOOPSETSTATUS64", the offset value passed in is 4, which does not match the mounted loop device, causing the...
USN-7402-5 linux-gcp-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...
SUSE CVE-2025-39735
In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the jfstruncatenolock function not checking for read-only mode, which could result in a write to a read-only...
Linux Distros Unpatched Vulnerability : CVE-2022-3202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the syst...
DEBIAN-CVE-2025-0685
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some o...
PT-2025-20509
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an integer overflow in the allocation group AG size calculation in the JFS filesystem. This occurs when the l2agsize value exceeds 31, causing undefined behavior...
The vulnerability of the ea_get() function in the JFS file system (fs/jfs/xattr.c) of Linux operating systems allows a malicious actor to gain unauthorized access to protected information or cause service failures.
The vulnerability of the eaget function in the JFS file system driver fs/jfs/xattr.c in Linux operating systems is related to incorrect handling of data read from a damaged file system. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cau...
SUSE CVE-2024-56598
In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array index out-of-bounds issue in jfsreaddir in the jfs file system...
AZL-52922 CVE-2024-49902 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmtleafidx greater than num leaves per dmap tree, add a checking for dmtleafidx in dbFindLeaf. Shaggy: Modified sani...
DEBIAN-CVE-2024-47723
In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if leafidx is greater than the number of leaves in the dmap tree in the dbFindLeaf function o...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the dbFreeBits function of the jfs file system...
PT-2024-41488 · Gnu +1 · Linux +1
Уязвимость функции ea get файловой системы JFS fs/jfs/xattr.c ядра операционных систем Linux связана с некорректной обработкой данных, считываемых с повреждённого образа файловой системы. Эксплуатация уязвимости может позволить нарушителю получить несанкционированный доступ к защищаемой информаци...
USN-7039-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...
USN-7007-2 linux-ibm-5.15, linux-oracle-5.15 vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...