909 matches found
CVE-2026-43075
A flaw was found in the Linux kernel's ocfs2 filesystem component. This vulnerability allows a local attacker, by mounting a specially crafted and corrupted ocfs2 filesystem on a loop device, to trigger an out-of-bounds write. This occurs because the system incorrectly trusts the idcount field fr...
CVE-2026-43076
A flaw was found in the ocfs2 filesystem module of the Linux kernel. This vulnerability occurs when the system attempts to read an inode from a corrupted filesystem, where the inline data size is not properly validated. This can lead to a use-after-free condition, potentially allowing a local...
EUVD-2026-27727
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...
EUVD-2026-27563
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43168
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...
CVE-2026-43168 ocfs2: fix reflink preserve cleanup issue
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...
CVE-2026-43168 ocfs2: fix reflink preserve cleanup issue
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...
CVE-2026-43168
CVE-2026-43168 concerns the Linux kernel OCFS2 reflink preserve cleanup issue. Multiple connected sources confirm a bug in the cleanup of preserved xattr entries: the last pointer should be shifted by one unit after an array entry cleanup, and the first entry may not be cleaned when xh_count is 1...
CVE-2026-43075
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
CVE-2026-43076
The vulnerability CVE-2026-43076 affects the ocfs2 filesystem in the Linux kernel. When reading an inode from disk, ocfs2_validate_inode_block() did not validate the i_size of inline data against the inline data capacity (id_count). A corrupted filesystem could make i_size exceed id_count, causin...
CVE-2026-43076
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43076 ocfs2: validate inline data i_size during inode read
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43076
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43075
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
CVE-2026-43075
The CVE-2026-43075 issue affects the Linux kernel’s ocfs2 filesystem code. A corrupted ocfs2 filesystem mounted on a loop device could trigger an out-of-bounds write in ocfs2_write_end_inline during a copy_file_range splice fallback, caused by trusting on-disk id_count to fit inline data. The roo...
CVE-2026-43075 ocfs2: fix out-of-bounds write in ocfs2_write_end_inline
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
PT-2026-37508
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ocfs2 component regarding reflink preserve cleanup. The cleanup process for preserved xattr extended attribute entries contains logic errors where the last pointer...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds write operation in the ocfs2writeendinline function. This vulnerability may lead...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation of the inline data isize when reading inode values. This vulnerability may...
Linux Distros Unpatched Vulnerability : CVE-2026-43076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validat...