Azure Linux 3.0 Security Update: kernel (CVE-2024-57940)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57940 advisory. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in...

UBUNTU-CVE-2025-68337

In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bugon in jbd2journalgetcreateaccess when file system corrupted There's issue when file system corrupted: ------------ cut here ------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: invalid opcode: 0000 1 SMP...

SUSE CVE-2025-38701

In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...

CVE-2025-38701 ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr

In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...

CVE-2024-57940

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfatreaddir If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, 'dentry' will not be incremented,...

CVE-2021-47406

In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4extreplaysetiblocks If the call to ext4mapblocks fails due to an corrupted file system, ext4extreplaysetiblocks can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...

CVE-2021-47406 ext4: add error checking to ext4_ext_replay_set_iblocks()

In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4extreplaysetiblocks If the call to ext4mapblocks fails due to an corrupted file system, ext4extreplaysetiblocks can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...

CVE-2021-47116 ext4: fix memory leak in ext4_mb_init_backend on error path.

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4mbinitbackend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large sloggroupsperflex...

kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()

A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause ...

kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()

A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause ...

PT-2024-11168 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak has been discovered in the Linux kernel, specifically in the ext4 file system. The issue occurs when a file system is corrupted with an illegally large s log groups per...

GLSA-202003-05 : e2fsprogs: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-202003-05 e2fsprogs: Arbitrary code execution It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. Impact : A remote attacker could entice a user to process a specially crafted corrupted file system using...

[PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS

PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2011-06 Released on: 19 August 2011 Last updated on: 19 August 2011 Affected product: Linux Kernel 2.4, 2.6, and 3.0 Impact: denial-of-service Origin: Be file system Credit: Timo Warns PRESENSE Technologies GmbH CVE Identifier...