Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check the folio pointer to ensure it is not NULL. It can become NULL if the bbmap function is called...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a warning in ext4iomapbegin due to a race between bmap and write The issue occurs as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cxgb4: fixed a memory leak in the cxgb4initethtool Filters error path. In the for loop used to allocate locarray and bmap for each port, a memory leak is possible when the allocation of locarray succeeds, but the allocation of bm...

EUVD-2026-26652

In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...

CVE-2026-43053 xfs: close crash window in attr dabtree inactivation

In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...

PT-2026-36470

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system during the inactivation of an inode with node-format extended attributes. The function xfs attr3 node inactive invalidates child leaf or node block...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001511)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001511 advisory. The xfsbmapextentstobtree function in fs/xfs/libxfs/xfsbmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsbmapiwrite NULL...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002704 advisory. The xfsbmapextentstobtree function in fs/xfs/libxfs/xfsbmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsbmapiwrite NULL...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993018)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993018 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4iomapbegin as race between bmap and write We got issue as follows:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992339)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992339 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4iomapbegin as race between bmap and write We got issue as follows:...

EUVD-2025-203638

In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...

CVE-2025-40349

In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...

UBUNTU-CVE-2025-40349

In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...

CVE-2025-40349 hfs: validate record offset in hfsplus_bmap_alloc

In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...

CVE-2025-40349

CVE-2025-40349 affects the Linux kernel’s hfs/hfsplus_bmap_alloc path. The bug occurs when hfsplus_bmap_alloc retrieves a bitmap using node info and an offset/length that may exceed node_size, risking slab-out-of-bounds page access. The referenced patch adds validation for both offset and length ...

EUVD-2025-13017

Malicious code in bioql PyPI...

EUVD-2022-55522

Malicious code in bioql PyPI...

EUVD-2022-55351

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-50333

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor...

CVE-2022-50333 fs: jfs: fix shift-out-of-bounds in dbDiscardAG

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor...