43 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with...
EUVD-2026-38908
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...
UBUNTU-CVE-2026-46080
In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2dioendiowrite ocfs2markextentwritten ocfs2changeextentflag ocfs2splitexte...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a slab-use-after-free issue caused by a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...
CVE-2026-43168
CVE-2026-43168 concerns the Linux kernel OCFS2 reflink preserve cleanup issue. Multiple connected sources confirm a bug in the cleanup of preserved xattr entries: the last pointer should be shifted by one unit after an array entry cleanup, and the first entry may not be cleaned when xh_count is 1...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation of the inline data isize when reading inode values. This vulnerability may...
CVE-2026-31598
A flaw was found in the ocfs2 file system within the Linux kernel. A local user could potentially trigger a deadlock due to an ABBA lock ordering violation between the ocfs2unlink and ocfs2dioendiowrite functions. This race condition, caused by inconsistent lock acquisition order, could lead to a...
DEBIAN-CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
CVE-2026-31596
In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...
Azure Linux 3.0 Security Update: kernel (CVE-2024-57892)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57892 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992449)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992449 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into...
CVE-2025-40233 ocfs2: clear extent cache after moving/defragmenting extents
In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON in...
CVE-2025-40233
CVE-2025-40233 : In the Linux kernel, the OCFS2 filesystem could see stale extent flags after moving/defragmenting extents, triggering a local kernel BUG_ON in ocfs2_refcount_cal_cow_clusters. The issue arises when a reflinked extent is created via copy_file_range, and FITRIM moves extents, causi...
PT-2026-2503
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ocfs2 subsystem, specifically in the ocfs2 find victim chain function. A kernel BUG occurs when the cl next free rec field within the allocati...
CVE-2025-40055 ocfs2: fix double free in user_cluster_connect()
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...
PT-2025-49060
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The extent map cache in the Linux kernel’s OCFS2 file system can become outdated when extents are moved or defragmented. This occurs because the cache is not invalidated after these...
EUVD-2025-30358
Malicious code in bioql PyPI...
CVE-2025-39885
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FSIOCFIEMAP of the extent list on a specially crafted mmap file. contextswitch kernel/sched/core.c:5357 inline...
The vulnerability of the `ocfs2_get_init inode()` function in the fs/ocfs2/namei.c module of the OCFS2 cluster file system in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ocfs2getinit inode function in the fs/ocfs2/namei.c module of the OCFS2 cluster file system in the Linux kernel is related to exception handling flaws. Exploiting this vulnerability could allow an attacker to cause service failures...
SUSE CVE-2025-37950
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix panic in failed foilio allocation commit 7e119cff9d0a "ocfs2: convert wpages to wfolios" and commit 9a5e08652dc4b "ocfs2: use an array of folios instead of an array of pages" save -ENOMEM in the folio array upon...