Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds read in eaget During the “sizecheck” step in eaget, the code checks whether the extended attribute list xattr size matches easize. If not, it logs “eaget: invalid extended attribute” and calls...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005155 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using...

ROS-20260126-73-0032

A vulnerability in the eaget function of the fs/jfs/xattr.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992880)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992880 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990896 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using...

EUVD-2025-11818

Malicious code in bioql PyPI...

CVE-2025-39735 jfs: fix slab-out-of-bounds read in ea_get()

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...

CVE-2025-39735 jfs: fix slab-out-of-bounds read in ea_get()

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from eaget not properly handling the large size extension attribute, which could lead to a buffer overflow...

SUSE CVE-2024-49900

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

DEBIAN-CVE-2024-49900

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

CVE-2024-49900 jfs: Fix uninit-value access of new_ea in ea_buffer

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

The vulnerability of the ea_get() function in the file system jfs of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the eaget function in the fs/jfs/xattr.c file of the JFS file system in the Linux operating system is related to memory writing beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility o...