Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

Astra Linux - уязвимость в grub2

An integer overflow flaw was discovered in the BFS file system driver within grub2. When reading a file using an indirect extent map, grub2 fails to validate the number of extent entries to be read. A maliciously crafted or corrupted BFS file system may cause an integer overflow during file...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010872)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010872 advisory. In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of...

USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

USN-8116-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...

EUVD-2025-203747

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

CVE-2025-68266

The CVE-2025-68266 entry concerns Linux kernel BFS filesystem handling when loading file types from disk. The root cause is that S_IFMT bits of inode->i_mode can become bogus if the 32-bit mode or attributes fields loaded from disk are corrupted. The Linux kernel documentation indicates BFS us...

CVE-2025-68266 bfs: Reconstruct file type when loading from disk

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

CVE-2025-68266

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

CVE-2025-68266 bfs: Reconstruct file type when loading from disk

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

PT-2025-51679

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to file type reconstruction when loading from disk within the BFS filesystem. Specifically, the S IFMT bits of the inode-i mode can become invali...

EUVD-2025-5594

Malicious code in bioql PyPI...

EUVD-2025-5578

Malicious code in bioql PyPI...

Advisory ROSA-SA-2025-3000

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-24 affected versions grub2-2.06-24 CVE-ID: CVE-2024-45779 BDU-ID: 2025-03832 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BFS file system of the Grub2 operating system boot loader is related to reads outside the allowed...

Grub2: fs/bfs: integer overflow in the bfs parser.

...

Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser

...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-4382: Fixed TPM auto-decryption data exposure bsc1242971 Filter out the non-subvolume btrfs mount points when creating the relative path bsc1239674 CVE-2024-45781: Fixed ufs strcpy overflow bsc1233617 CVE-2024-56737: Fixed heap-based buff...

SUSE-SU-2025:20511-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2025-4382: Fixed TPM auto-decryption data exposure bsc1242971 - Filter out the non-subvolume btrfs mount points when creating the relative path bsc1239674 - CVE-2024-45781: Fixed ufs strcpy overflow bsc1233617 - CVE-2024-56737: Fixed...

EulerOS 2.0 SP12 : grub2 (EulerOS-SA-2025-1587)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2025-1518)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to...