34 matches found
CVE-2026-46046
The CVE reports a refcount leak in ext4_xattr_inode_dec_ref_all() due to not releasing iloc with brelse() after ext4_get_inode_loc(), fixed by commit c8e008b6. OSV entries show patches in Root:Ubuntu 22.04/24.04, Debian, Debian-based RootIO builds, and openSUSE kernel-devel 7.0.11-1.1 for GA medi...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tunnels: Fixed out-of-bounds access issues when generating IPv6 PMTU errors. If the ICMPv6 error is generated using a non-linear skb, the following issues arise: BUG: KASAN: Out-of-bounds access in docsum+0x220/0x240 Reading o...
can: gw: fix OOB heap access in cgw_csum_crc8_rel()
...
CVE-2026-31684
The CVE-2026-31684 issue is in the Linux kernel’s net/sched pathology (act_csum) where tcf_csum_act() reads nested VLAN headers directly from skb->data if the payload contains VLAN tags, and may read VLAN_HLEN bytes before guaranteeing the full header is present. The root cause is that the cod...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nested VLAN headers in actcsum not being linearly present. This vulnerability may lead to the...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38059)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38059 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989774)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989774 advisory. In the Linux kernel, the following vulnerability has been resolved: ipgre: test csumstart instead of transport header GRE with TUNNELCSUM will apply local checksum...
CVE-2023-53726
In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c "arm64: csum: Fix pathological zero-length calls" added an early return for zero-length input, syzkaller has popped up with an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414297)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414297 advisory. An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because...
CVE-2023-53439
In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...
UBUNTU-CVE-2023-53439
In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...
CVE-2023-53439 net: skb_partial_csum_set() fix against transport header magic value
In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...
CVE-2025-39770
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...
CVE-2025-38260 btrfs: handle csum tree error with rescue=ibadroots correctly
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based reproducer that can crash the kernel, with the following call trace: With some debug output added DEBUG: rescue=ibadroots parsed BTRFS: devic...
PT-2025-28888
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-custom+ 249 Description: A flaw exists in the Linux kernel related to handling checksum tree errors when the rescue=ibadroots mount option is used. Specifically, if a corrupted checksum tree root is...
CVE-2025-38059
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid csum tree BUG When trying read-only scrub on a btrfs with rescue=idatacsums mount option, it will crash with the following call trace: BUG: kernel NULL pointer dereference, addres...
CVE-2025-38059
The CVE-2025-38059 entry documents a Linux kernel data integrity issue in btrfs: when using rescue=idatacsums, scrub can trigger a NULL pointer dereference due to not loading the csum tree. Concrete root cause: scrub path may call btrfs_search_slot() on a NULL pointer because the NO_DATA_CSUMS fl...
CVE-2025-38059 btrfs: avoid NULL pointer dereference if no valid csum tree
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid csum tree BUG When trying read-only scrub on a btrfs with rescue=idatacsums mount option, it will crash with the following call trace: BUG: kernel NULL pointer dereference, addres...
CVE-2025-38059
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid csum tree BUG When trying read-only scrub on a btrfs with rescue=idatacsums mount option, it will crash with the following call trace: BUG: kernel NULL pointer dereference, addres...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: Avoid NULL pointer dereferencing if no valid csum tree exists. BUG When attempting a read-only scrub operation on a btrfs volume with the rescue=idatacsums mount option, the operation will crash due to the following call...