309 matches found
CVE-2026-46251
A flaw was found in the Linux kernel's Btrfs filesystem. When the EXTENTTREEV2 incompatibility flag is enabled, the block group tree's dirty list can become corrupted. This corruption occurs because the block group tree is incorrectly added to a commit list while already being tracked, leading to...
CVE-2026-46129
A flaw was found in the Linux kernel, specifically within the btrfs filesystem. This vulnerability, a double free, occurs in the createspaceinfo function's error handling path. When an internal object initialization fails, the system attempts to release memory twice for the same resource. This ca...
CVE-2026-46159
A flaw was found in the btrfs filesystem within the Linux kernel. A Time-of-check to time-of-use TOCTOU race condition in the btrfsioctlspaceinfo function allows a local attacker to exploit a timing window. This occurs when the system counts entries for allocation size and then fills a buffer, bu...
CVE-2026-46160
A flaw was found in the Linux kernel's Btrfs filesystem. This vulnerability occurs when the lastunlinktrans field is not properly updated during directory removal. If a user maintains an open file descriptor to a removed directory and subsequently performs a filesystem synchronization fsync...
UBUNTU-CVE-2026-46129
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in createspaceinfo error path When kobjectinitandadd fails, the call chain is: createspaceinfo - btrfssysfsaddspaceinfotype - kobjectinitandadd - failure - kobjectput&spaceinfo-kobj - spaceinforelease -...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from discontinuous gaps during block allocation in btrfs. This issue causes an EEXIST error in the...
Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: removed BUGON functions in addnewfreespace In addnewfreespace, there are BUGON functions that are used to handle any failures in adding free space to the in-memory free space cache. Such failures are mostly due to ENOME...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a race condition between rename operations and directory logging. There is a race condition between a rename operation and directory inode logging. If this race condition occurs, and the system crashes or loses power...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where inode lists were leaked during backref walking in findparentnodes. During backref walking, when findparentnodes is called, if we are dealing with a data extent and an error occurs while resolving...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Protect folio::private when attaching an extent buffer for folios. BUG Since version 6.8, several people have reported rare kernel crashes. The common cause is incorrect page status error messages like this: BUG: Incorrect...
CVE-2026-43338
A flaw was found in the Linux kernel's Btrfs filesystem. The qgroup ioctls input/output control system calls for quota groups do not reserve sufficient transaction space. A local user can exploit this by performing specific qgroup operations, which can lead to a transaction abort and result in a...
CVE-2026-43359
A flaw was found in the Linux kernel's Btrfs file system. A local malicious user, who owns a subvolume, can exploit an item overflow vulnerability when repeatedly calling the set received ioctl with the same received UUID field for multiple subvolumes. This can trigger a transaction abort, leadin...
CVE-2026-43358
A flaw was found in the Linux kernel's btrfs filesystem. A missing Read-Copy Update RCU unlock in an error path within the tryreleasesubpageextentbuffer function could lead to system instability. This issue, identified by a thread-safety analyzer, may result in a denial of service condition,...
CVE-2026-43299
A flaw was found in the Linux kernel's btrfs filesystem. When the filesystem encounters an out-of-space ENOSPC error and transitions to a read-only state, a pending read repair operation can trigger an assertion failure within the btrfsrepairiofailure function. This issue can lead to a kernel...
CVE-2026-43360
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several files with names that result in the same hash, we have to pack them in same dir item and that has a limit inherent to the le...
CVE-2026-43360
CVE-2026-43360 affects the Linux kernel Btrfs file system. A hash-collision during multi-file creation can force multiple entries into a single dir item and, once a leaf size limit is reached, abort the transaction and leave the filesystem read-only, enabling a local DoS without admin privileges....
CVE-2026-43360
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several files with names that result in the same hash, we have to pack them in same dir item and that has a limit inherent to the le...
CVE-2026-43359
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...
CVE-2026-43308
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG on unexpected delayed ref type in runonedelayedref There is no need to BUG, we can just return an error and log an error message...