CVE-2026-46080

The CVE-2026-46080 entry documents a Linux kernel OCFS2 issue where JBD2 credit exhaustion during direct I/O writes could trigger warnings. The fix addresses this by: (1) splitting and batching extent operations in ocfs2_dio_end_io_write to prevent exceeding journal credits, (2) relocating ocfs2_...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: fixed error handling of userdlmdestroylock When userdlmdestroylock failed, it did not clean up the flags it set before exiting. For USERLOCKINTEARDOWN, if this function fails because the lock is still in use, the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Added bounds checking to ocfs2checkdirentry. This adds sanity checks for ocfs2direntry to ensure that all members of ocfs2direntry do not go beyond the valid memory region...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Reserving space for inline xattr before attaching the reflink tree One of our customers reported a crash and a corrupted ocfs2 filesystem. The crash was due to the detection of corruption. Upon troubleshooting, the fsck -f...

CVE-2026-43168

A flaw was found in the Linux kernel's Oracle Cluster File System version 2 ocfs2. This vulnerability arises from an issue in the reflink preserve cleanup process, where the system incorrectly handles extended attribute xattr entries. The cleanup logic fails to properly manage pointers and clean ...

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The ltreedepth field was validated to prevent out-of-bounds access. The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. A check was added to prevent out-of-bounds access if th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Properly handles errors when reading symbolic links. The patch series “Convert ocfs2 to use folios”. Mark converted ocfs2 to use folios and sent it to me as a major patch for review ;- So I reworked it into individual...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005518 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported...

Azure Linux 3.0 Security Update: kernel (CVE-2024-40951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40951 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in...

MiracleLinux 3 : net-snmp-5.3.2.2-20.0.1.AXS3 (AXSA:2013-32:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-32:01 advisory. SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SN...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002699 advisory. In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations ...

CVE-2025-68771

Summary of CVE-2025-68771 (Linux kernel, ocfs2): A kernel BUG in ocfs2_find_victim_chain() was triggered when cl_next_free_rec in the allocation chain list was 0, which caused a BUG_ON(!cl->cl_next_free_rec) panic. The fix adds a guard in ocfs2_claim_suballoc_bits() to handle two conditions be...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992825)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992825 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid out-of-bounds access The ltreedepth field is 16-bit le16, but...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993184 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into...

TencentOS Server 2: kernel (TSSA-2025:0431)

"The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0431 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilitie...

EUVD-2025-30849

Malicious code in bioql PyPI...

CVE-2025-39885 ocfs2: fix recursive semaphore deadlock in fiemap call

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FSIOCFIEMAP of the extent list on a specially crafted mmap file. contextswitch kernel/sched/core.c:5357 inline...

PT-2025-38549

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ocfs2 subsystem. Specifically, a null-pointer dereference can occur during the journal shutdown process due to a race condition where...

ocfs2: Avoid touching renamed directory if parent does not change

...