SUSE CVE-2026-31453

In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...

SUSE CVE-2026-31454

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...

EUVD-2026-24793

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...

EUVD-2026-24794

In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...

CVE-2026-31453

In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...

CVE-2026-31454

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...

CVE-2026-31454

Summary: CVE-2026-31454 affects the Linux kernel's XFS code. In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO, which can allow a log item to be freed during reclaim. A subsequent spin_lock() may dereference lip->li_ailp, causing a use-after...

CVE-2026-31455 xfs: stop reclaim before pushing AIL during unmount

In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...

CVE-2026-31453

The CVE-2026-31453 issue affects the Linux kernel XFS path. The root cause is use-after-free-like behavior: after xfsaild_push_item() calls iop_push(), the log item could be freed if the AIL lock is dropped, allowing a freed log item to be dereferenced by tracepoints in the switch that follow. Th...

Linux Distros Unpatched Vulnerability : CVE-2026-31455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still...

CVE-2026-39416

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

CVE-2026-39416

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

EUVD-2026-20605

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

AIL framework 跨站脚本漏洞

AIL framework is a modular information leakage analysis framework developed as open source within the AIL project. It is used to analyze potential information leaks from unstructured data sources. Prior to version 6.8 of the AIL framework, there was a cross-site scripting vulnerability. This...

EUVD-2025-146490

Malicious code in verify-aya-ail npm...

EUVD-2020-29411

Malware in sbrugna...

MAL-2025-9739 Malicious code in @zalastax/nolb-_ail (npm)

The package @zalastax/nolb-ail was found to contain malicious code...

CVE-2020-8545

Global.py in AIL framework 2.8 allows path traversal...

CVE-2024-42230

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL reloconexc, required for scv instruction support, before other CPUs have been shut down. This means they can execute scv instructions after AIL i...

CVE-2024-42230 powerpc/pseries: Fix scv instruction crash with kexec

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL reloconexc, required for scv instruction support, before other CPUs have been shut down. This means they can execute scv instructions after AIL i...