CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

CVE-2026-46124

CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...

PT-2026-44247

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs export iget isofs fh to dentry and isofs fh to parent pass an attacker- controlled block number ifid-block or ifid-parent block from the NFS file handle to isofs export...

SUSE CVE-2026-43067

In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 "ext4: always allocate blocks only from groups inode can use" restricts what blocks will be allocated for indirect block based files...

CVE-2026-31597

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...

DEBIAN-CVE-2026-31597

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...

CVE-2026-31597

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...

EUVD-2026-25490

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...

PT-2026-34949

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ocfs2 fault function. This occurs because filemap fault may drop the mmap lock before returning VM FAULT RETRY. In such cases, a concurrent munmap ca...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990828 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would...

EUVD-2017-6386

Malware in sbrugna...

CVE-2024-42295 nilfs2: handle inconsistent state in nilfs_btnode_create_block()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfsbtnodecreateblock Syzbot reported that a buffer state inconsistency was detected in nilfsbtnodecreateblock, triggering a kernel bug. It is not appropriate to treat this inconsistency as a...

PT-2024-32192

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52 Description The issue concerns the Linux kernel, where a vulnerability has been resolved related to the udf filesystem. The problem arises when mounting filesystems where the partition would overflow the...

update_market() market weight incorrect

Lines of code Vulnerability details Vulnerability details in updatemarket We need to get the weight percentage of the corresponding market epoch through gaugeController Then allocate cantoPerBlockepoch according to the percentage The main logic code is as follows: function updatemarketaddress...

anyone with valid token address can create DOS for accrueInterest() in prime.sol

Lines of code Vulnerability details Impact anyone or attacker with valid token address can create DOSdenial of service for accrueInterest and functions using accrueInterest in prime.sol Proof of Concept a function accrueTokens in PrimeLiquidityProvider.sol has visibility pubic,it means anyone can...

In BondingVotes.sol, clock() will not work properly for Arbitrum due to use of block.number

Lines of code Vulnerability details Impact In BondingVotes.sol, clock is set to match the current round and clock has been extensively used in onlyPastRounds, getVotes, delegates, checkpointBondingState, checkpointTotalActiveStake, getTotalActiveStakeAt, getBondingCheckpointAt and it is given as...

Liquidity concentration rate is reduced by the use of timestamp instead of block number

Lines of code Vulnerability details Impact Liquidity concentration rate is reduced by the use of timestamp instead of block number Proof of Concept The document states that This primitive can passively update liquidity concentration over time. You can think of it like a hybrid between a Balancer...

block.number DOES NOT PROVIDE A FAIR EVALUATION OF TIME MEASUREMENTS WITHIN FUNCTIONS

Lines of code Vulnerability details Impact The SecurityCouncilMemberElectionGovernorCountingUpgradeable.votesToWeight function is used to calculate the weight of a vote for a given proposal, block number, and number of votes. During the weight calculation the weight given for each vote depends on...

Individual nodes can manipluate sdPriceInETH to be any value inside StaderOracle#submitSDPrice

Lines of code Vulnerability details Trusted nodes can submit their attested ethereum price by calling StaderOraclesubmitSDPrice. Once a 66% majority of nodes submit a price for a specific block number, the new sdPriceData will be set to the median of the submitted prices. function...