37 matches found
CVE-2022-50289
CVE-2022-50289 concerns the Linux kernel OCFS2 subsystem. The provided advisories describe a memory leak in ocfs2_stack_glue_init() where ocfs2_table_header must be freed if ocfs2_sysfs_init() fails, to prevent a kmemleak-detected memleak. The root cause is the missing free path during initializa...
ocfs2: validate l_tree_depth to avoid out-of-bounds access
...
CVE-2023-53081
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2writeendnolock just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ocfs2 that could lead to data corruption after a write failure...
The vulnerability of the ocfs2_reflink_xattrInline() function in the cluster file system ocfs2 of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ocfs2reflinkxattrInline function in the cluster file system ocfs2 of the Linux operating system is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause service failures...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified ltreedepth field in ocfs2, which could lead to out-of-bounds access...
ocfs2: fix uninitialized value in ocfs2_file_read_iter()
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ocfs2getinitinode function in the ocfs2 module failing to free an inode...
ocfs2: fix null-ptr-deref when journal load failed.
...
DEBIAN-CVE-2024-41015
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2checkdirentry This adds sanity checks for ocfs2direntry to make sure all members of ocfs2direntry don't stray beyond valid memory region...
SUSE CVE-2024-40951
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2aborttrigger bdev-bdsuper has been removed and commit 8887b94d9322 change the usage from bdev-bdsuper to bassocmap-host-isb. Since ocfs2 hasn't set bh-bassocmap, it will trigger NULL...
UBUNTU-CVE-2024-40951
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2aborttrigger bdev-bdsuper has been removed and commit 8887b94d9322 change the usage from bdev-bdsuper to bassocmap-host-isb. Since ocfs2 hasn't set bh-bassocmap, it will trigger NULL...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the ocfs2 file system in the ocfs2journaldirty function...
UBUNTU-CVE-2021-47458
In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIGFORTIFYSOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Problem seems to be that...
CVE-2011-0463
The ocfs2preparepageforwrite function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 OCFS2 subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized dis...
Design/Logic Flaw
The ocfs2preparepageforwrite function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 OCFS2 subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized dis...
CVE-2011-0463
The ocfs2preparepageforwrite function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 OCFS2 subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized dis...