Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid dirent corruption As Al reported in link 1: f2fsrename ... if olddir != newdir && !whiteout f2fssetlinkoldinode, olddirentry, olddirpage, newdir; else f2fsputpageolddirpage, 0; You need the correct inumber...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Fixed a kernel bug related to the rename operation on broken directories. Syzbot reported that in the rename operation on broken directories in Nilfs2, the blockwritebeginint function called to prepare block writing may...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: checks dot and dotdot of dxroot before making dir indexed Syzbot reports the following issue: ============================================ BUG: Unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.11.el7.AXS7 (AXSA:2025-9972:35)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9972:35 advisory. ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 Bluetooth: L2CAP: Fix slab-use-after-free Read in...

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

CVE-2025-3355

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-399368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-399368 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which...

RLSA-2025:8374 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: sched/fair: Fix potential memory corruption in childcfsrqonlist CVE-2025-21919 kernel: cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964 kernel: ext4: fix O...

Linux Distros Unpatched Vulnerability : CVE-2024-41034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix kernel bug on rename operation of broken directory Syzbot reported that in rename directory operation on broken directory on nilfs2,...

Important: kernel-livepatch-6.1.132-147.221

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu CVE-2025-21927 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir CVE-2025-37785 Affected...

Important: kernel-livepatch-6.1.131-143.221

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu CVE-2025-21927 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir CVE-2025-37785 Affected...

Important: kernel-livepatch-6.1.130-139.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in childcfsrqonlist CVE-2025-21919 In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type CVE-2025-21920 In the Linux...

kernel: ext4: fix OOB read when checking dotdot dir

A flaw was found in the ext4 module in the Linux kernel. An out-of-bounds read can be triggered when a corrupted ext4 filesystem is mounted due to a missing check, resulting in a denial of service that causes the system to freeze or become unusable...

kernel: ext4: fix OOB read when checking dotdot dir

A flaw was found in the ext4 module in the Linux kernel. An out-of-bounds read can be triggered when a corrupted ext4 filesystem is mounted due to a missing check, resulting in a denial of service that causes the system to freeze or become unusable...

CLSA-2025-1747430081 Fix of 50 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix ueventsho...

kernel: ext4: check dot and dotdot of dx_root before making dir indexed

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dxroot before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

ext4: fix OOB read when checking dotdot dir

...

SUSE CVE-2025-37785

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

AZL-61475 CVE-2025-37785 affecting package kernel for versions less than 6.6.92.2-1

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...