CVE-2026-31449 ext4: validate p_idx bounds in ext4_ext_correct_indexes

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

PT-2026-34354

In the Linux kernel, the following vulnerability has been resolved: ext4: validate p idx bounds in ext4 ext correct indexes ext4 ext correct indexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.p idx-ei block, there is no...

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

PT-2026-21357

Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0 Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block...

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...