Lucene search
K

108 matches found

OSV
OSV
added 2025/05/09 12:41 p.m.8 views

OESA-2025-1462 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfstruncatenolock Added a check for "read-only" mode in the jfstruncatenolock function to avoid errors related to...

7.8CVSS6.5AI score0.09117EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.2 views

jfs: fix slab-out-of-bounds read in ea_get()

...

7.1CVSS7.8AI score0.00215EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.11 views

SUSE CVE-2025-37740

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

4.4CVSS7.7AI score0.00164EPSS
Exploits0References16
OSV
OSV
added 2025/05/01 1:15 p.m.0 views

DEBIAN-CVE-2025-37741

In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. 1 When calling "ioctl$LOOPSETSTATUS64", the offset value passed in is 4, which does not match the mounted loop device, causing the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References1
OSV
OSV
added 2025/04/22 11:56 p.m.18 views

USN-7402-5 linux-gcp-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

7.8CVSS6.9AI score0.00809EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2025/04/18 11:18 p.m.3 views

SUSE CVE-2025-39735

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...

7.8CVSS7.8AI score0.00215EPSS
Exploits0References19
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the jfstruncatenolock function not checking for read-only mode, which could result in a write to a read-only...

5.5CVSS6.5AI score0.00163EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2022-3202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System JFSin the Linux kernel. This could allow a local attacker to crash the syst...

7.1CVSS6.7AI score0.00244EPSS
Exploits0References2
OSV
OSV
added 2025/03/03 6:15 p.m.0 views

DEBIAN-CVE-2025-0685

A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some o...

6.4CVSS7.3AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/20 12:0 a.m.9 views

PT-2025-20509

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an integer overflow in the allocation group AG size calculation in the JFS filesystem. This occurs when the l2agsize value exceeds 31, causing undefined behavior...

5.5CVSS7AI score0.00244EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/31 12:0 a.m.5 views

The vulnerability of the ea_get() function in the JFS file system (fs/jfs/xattr.c) of Linux operating systems allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability of the eaget function in the JFS file system driver fs/jfs/xattr.c in Linux operating systems is related to incorrect handling of data read from a damaged file system. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cau...

7.5CVSS5.5AI score
Exploits0References1Affected Software2
SUSE CVE
SUSE CVE
added 2025/01/08 12:21 a.m.4 views

SUSE CVE-2024-56598

In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...

7CVSS7.7AI score0.00245EPSS
Exploits0References20
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array index out-of-bounds issue in jfsreaddir in the jfs file system...

7.8CVSS6.6AI score0.0023EPSS
Exploits0References7
OSV
OSV
added 2024/10/21 6:15 p.m.8 views

AZL-52922 CVE-2024-49902 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmtleafidx greater than num leaves per dmap tree, add a checking for dmtleafidx in dbFindLeaf. Shaggy: Modified sani...

5.5CVSS6.7AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 1:15 p.m.2 views

DEBIAN-CVE-2024-47723

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...

7.1CVSS6.1AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if leafidx is greater than the number of leaves in the dmap tree in the dbFindLeaf function o...

5.5CVSS6.6AI score0.00277EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the dbFreeBits function of the jfs file system...

7CVSS6.7AI score0.00254EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.3 views

PT-2024-41488 · Gnu +1 · Linux +1

Уязвимость функции ea get файловой системы JFS fs/jfs/xattr.c ядра операционных систем Linux связана с некорректной обработкой данных, считываемых с повреждённого образа файловой системы. Эксплуатация уязвимости может позволить нарушителю получить несанкционированный доступ к защищаемой информаци...

7.5CVSS7.2AI score
Exploits0References2
OSV
OSV
added 2024/09/26 11:58 a.m.11 views

USN-7039-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...

7.8CVSS6.7AI score0.00689EPSS
Exploits1References23
OSV
OSV
added 2024/09/23 9:59 a.m.3 views

USN-7007-2 linux-ibm-5.15, linux-oracle-5.15 vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS6.5AI score0.02701EPSS
Exploits4References220
Rows per page
Query Builder