51 matches found
SUSE CVE-2026-45960
In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...
UBUNTU-CVE-2026-45960
In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...
CVE-2026-45960 hfsplus: return error when node already exists in hfs_bnode_create
In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...
CVE-2026-45960
CVE-2026-45960 concerns the Linux kernel hfsplus filesystem. The root cause is in hfs_bnode_create(): when a node is already hashed, it returns the existing node without incrementing its reference count, causing refcnt inconsistency and a kernel panic during hfs_bnode_put(). The vulnerability is ...
PT-2026-43827
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count inconsistency occurs in the hfsplus module when the hfs bnode create function identifies that a node is already hashed. Instead of incrementing the reference count, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: The issue of missing hfsbnodeget in hfsbnodecreate has been fixed. When sync and link are called concurrently, both threads may enter hfsbnodefind, but fail to find the node in the hash table. As a result, they proceed t...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014323)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014323 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013733)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013733 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007534)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007534 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel...
CVE-2025-68774
A race condition was found in the Linux kernel's HFS+ filesystem. When sync and link are called concurrently, two threads may attempt to create the same bnode simultaneously. If one thread reuses a bnode newly created by another thread without properly incrementing the reference count, a subseque...
SUSE CVE-2025-68774
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
AZL-74445 CVE-2025-68774 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
UBUNTU-CVE-2025-68774
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
CVE-2025-68774
CVE-2025-68774 describes a race in the Linux kernel HFS+ code where concurrent sync() and link() paths may create the same bnode. If both threads miss the hash table and attempt to create, one inserts the node with refcnt=1 while the other, upon finding the already-inserted node, reuses it withou...
Linux Distros Unpatched Vulnerability : CVE-2025-68774
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in...