Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates the allocation group AG size using 1 bmap-dbagsize. - Subsequent block allocations will reference invalid AG structures. - This can cause: -...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992780 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992294 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989213 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of th...

CVE-2022-50567 fs: jfs: fix shift-out-of-bounds in dbAllocAG

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp-dbagl2size. The field can be greater than 64 and trigger the...

EUVD-2025-14134

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-37858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this...

Linux Distros Unpatched Vulnerability : CVE-2025-38230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid...

jfs: validate AG parameters in dbMount() to prevent crashes

...

fs/jfs: Prevent integer overflow in AG size calculation

...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: jfs: added a sanity check for agwidth in dbMount. When the width of the AG in dmapctl is zero, it triggers a divide error when calculating the control page level in dbAllocAG. To avoid this issue, a check for agwidth must be adde...

kernel: xfs: fix finding a last resort AG in xfs_filestream_pick_ag

In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfsfilestreampickag When the main loop in xfsfilestreampickag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args-pag as loop iterator while the...

SUSE CVE-2025-37858

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

CVE-2025-37858 fs/jfs: Prevent integer overflow in AG size calculation

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

CVE-2025-37858

The CVE-2025-37858 issue affects the Linux kernel’s JFS filesystem. Root cause: AG size calculation in dbExtendFS() uses a 1 < 31 on 32-bit systems, this causes undefined behavior and invalid AG sizes (sbi->bmap->db_agsize). Impact: potential filesystem corruption during extend operation...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an integer overflow in the AG size calculation of the jfs file system, which could lead to file system...

SUSE CVE-2025-37740

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

UBUNTU-CVE-2025-37740

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

PT-2025-20509

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an integer overflow in the allocation group AG size calculation in the JFS filesystem. This occurs when the l2agsize value exceeds 31, causing undefined behavior...

SUSE CVE-2024-50216

In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfsfilestreampickag When the main loop in xfsfilestreampickag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args-pag as loop iterator while the...