22 matches found
kernel: gfs2: Fix use-after-free in iomap inline data write path
A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...
UBUNTU-CVE-2026-45984
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
CVE-2026-45984
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
CVE-2026-45861
gfs2: Fix slab-use-after-free in qdput...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid NULL pointer dereferencing in f2fscheckquotaconsistency. The syzbot reported the following f2fs bug: Oops: gen 107.736417T5848. Oops: general protection fault, likely due to a non-canonical address...
Linux Distros Unpatched Vulnerability : CVE-2025-68771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list...
EUVD-2025-36673
Systemic Lack of Cross-Site Request Forgery CSRF Token Implementation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
PT-2025-41066
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a data race condition within the gfs2 show options function. Specifically, fields within the gfs2 tune structure, such as gt logd secs, are accessed without...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
DEBIAN-CVE-2024-58001
In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;- So I've redone it as individual patches, and...
CVE-2024-37860
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2amcl process...
PT-2024-27792 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow that occurs via the nav2 amcl process. This is triggered by sending a crafted .yaml file. Recommendations: For Open Robotics...
ocfs2: fix DIO failure due to insufficient transaction credits
...
PT-2024-23581 · Unknown +1 · Ros Python Version +1
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions 2 through 2, ROS PYTHON VERSION 3 Description: An arbitrary file upload issue has been discovered, allowing attackers to execute arbitrary code, cause a denial of service DoS, and obtain sensitive...
PT-2024-23566 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Iron Irwini versions ROS VERSION 2 and ROS PYTHON VERSION 3 Description: An insecure logging vulnerability has been identified, allowing attackers to access sensitive information via inadequate security measures within the logging...
编号撤回
ROS2 Foxy Fitzroy is an application of the ROS2 organization. This CVE number has been withdrawn...
SUSE CVE-2016-10905
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry...
DoS Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2
Overview A DoS vulnerability was found in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasu...
CVE-2019-4095
IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158015...