Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Access to buffers is protected when there are no active references to them. The function nilfslookupdirtydatabuffers iterates through the buffers attached to dirty data folios/pages. It accesses these attached buffers...

f2fs: fix to account dirty data in __get_secs_required()

...

PT-2025-38187

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the nilfs2 file system where dirty data might be written to after the file system has degraded to read-only mode. This occurs because mark buffe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of shutdown checks in exfat, which could result in an error not being returned when reading dirty dat...

SUSE CVE-2025-21811

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfslookupdirtydatabuffers, which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...

CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

DEBIAN-CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

UBUNTU-CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

DEBIAN-CVE-2024-47690

In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704...

CVE-2024-47690

CVE-2024-47690 concerns the Linux kernel F2FS: online repair in f2fs_lookup() can race with a readonly remount, potentially leaving a dirty inode and triggering a kernel panic during eviction. The advisory states the fix is to remove online repair in f2fs_lookup() and delegate integrity checks to...

CVE-2024-47690 f2fs: get rid of online repaire on corrupted directory

In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704...

UBUNTU-CVE-2024-26696

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...

Discuz! xxe 可破坏数据库结构，导致脏数据进入

简要描述： Discuz! xxe 可破坏数据库结构，导致脏数据进入.......dz太变态了，小引号也过滤了，妹的，没办法只能分析到这里，但是隐约感觉到，这里存在很大的风险，因为改变了系统模板风格，先发个福利，大家自己看吧 详细说明： 首先我们看文件: portalcpdiy.php（lines:301-324）: if submitcheck'importsubmit' $isinner = false; $filename = ''; if$POST'importfilename' $filename =...