Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Clearing the extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Relaxing the BUG function to ocfs2error in ocfs2moveextent In ocfs2moveextent, relocating the BUG function to ocfs2error is necessary to avoid causing the entire kernel to crash due to filesystem corruption...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for defragmentation path triggering jbd2 assertion. Code paths: - ocfs2ioctlmoveextents - ocfs2moveextents - ocfs2defragextent - ocfs2moveextent - + ocfs2journalaccessdi - + ocfs2splitextent // Sub-path calls...

ocfs2: split transactions in dio completion to avoid credit exhaustion

...

CVE-2026-46080

CVE-2026-46080 : In the Linux kernel, the ocfs2 code path is fixed to prevent credit-exhaustion during direct I/O (dio) by splitting transactions in dio completion and batching extent handling. The patch relocates removing inodes from the orphan list until the extent tree update completes, reduci...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper transaction splitting during direct I/O completion in ocfs2, potentially leading to...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after a failed write operation. When buffering a write attempt fails and data cannot be copied into the underlying page cache, the ocfs2writeendnolock function simply zeroes out and dirtyens the page...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed a fget leak when the file system does not support nowait-buffered read operations. Heming reported a bug when using iouring for link-cp operations on ocfs2. 1 The following steps can reproduce this bug: 1. Mount th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021655 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...

CVE-2026-43168

A flaw was found in the Linux kernel's Oracle Cluster File System version 2 ocfs2. This vulnerability arises from an issue in the reflink preserve cleanup process, where the system incorrectly handles extended attribute xattr entries. The cleanup logic fails to properly manage pointers and clean ...

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an array entry processing error in the reflink cleanup mechanism of ocfs2, potentially leading to...

PT-2026-37385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the ocfs2 write end inline function. The issue occurs because ocfs2 try to write inline data relies on the on-disk id count field to determine if a write...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Mounting fails due to a buffer overflow in strlen. Starting with kernel 5.11, when building with CONFIGFORTIFYSOURCE, mounting an ocfs2 filesystem using either o2cb or pcmk cluster stack will fail. The issue seems to be th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: Fixed error handling for userdlmdestroyLock. When userdlmdestroyLock fails, it does not clean up the flags it set before exiting. For the USERLOCKINTEARDOWN condition, if this function fails because the lock is...

ocfs2: fix possible deadlock between unlink and dio_end_io_write

...

CVE-2026-31596

A flaw was found in the OCFS2 Oracle Cluster File System, version 2 component of the Linux kernel. A local attacker with control over a specially crafted filesystem could exploit a vulnerability in the ocfs2groupextend function. This flaw arises from an insufficient validation of a global bitmap...

CVE-2026-31596 ocfs2: handle invalid dinode in ocfs2_group_extend

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005518 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005107 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2dioendiowrite...