Lucene search
K

108 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed errors caused by “off-by-one” values when filling blocks with tlv entries during fast-commit operations. Due to several “off-by-one” errors, or perhaps due to a late change in design that wasn’t fully reflected in...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7461-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7461-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

7.8CVSS6.9AI score0.00275EPSS
Exploits0References12
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32324

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

5.7AI score0.00155EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between page migration and bitmap modification in the ext4 file system. This...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: A potential memory leak has been fixed in ext4fcrecordregions. Since krealloc may return NULL, in this case, state-fcregions may not be freed by krealloc. However, state-fcregions is already set to NULL. This could lead to ...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree because ext4mbdiscardgrouppreallocation may...

5.8AI score0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 12:31 a.m.12 views

EUVD-2026-29325

barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...

6.9CVSS5.8AI score0.00131EPSS
Exploits0References4
OSV
OSV
added 2026/05/11 9:9 p.m.2 views

CVE-2026-34961 barebox ext4 Extent Parsing Out-of-Bounds Read

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

6.9CVSS6.2AI score0.0021EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.14 views

PT-2026-39851

Name of the Vulnerable Software and Affected Versions barebox versions prior to 2026.04.0 Description A denial-of-service issue exists in the ext4 directory parsing within fs/ext4/ext4 common.c. The ext4fs iterate dir function does not validate that directory entry length values are non-zero. An...

6.9CVSS5.8AI score0.00131EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-37068

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 filesystem where pending discard work is not properly handled during remounting. If a filesystem is initially mounted with the discard option and files are...

8.8CVSS5.5AI score0.00224EPSS
Exploits0References439
SUSE CVE
SUSE CVE
added 2026/04/23 1:26 a.m.10 views

SUSE CVE-2026-31447

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with sfirstdatablock != 0 bigalloc with sfirstdatablock != 0 is not supported, reject mounting it...

5.6AI score0.00135EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.17 views

PT-2026-34356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 read inline folio function where the use of BUG ON when inline data size exceeds PAGE SIZE can lead to a kernel panic. The fix replaces this with proper error...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References118
OSV
OSV
added 2026/02/03 6:16 p.m.3 views

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

6.1CVSS5.8AI score0.00281EPSS
Exploits1References1
OSV
OSV
added 2026/02/03 6:16 p.m.4 views

CVE-2025-69430

An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...

6.1CVSS5.8AI score0.00281EPSS
Exploits1References1
NVD
NVD
added 2026/02/03 6:16 p.m.11 views

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

6.1CVSS0.00281EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/03 12:0 a.m.30 views

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

0.00281EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2026/01/26 11:37 a.m.5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39890:...

8.7CVSS7.1AI score0.00319EPSS
Exploits0References1434
OSV
OSV
added 2026/01/23 3:8 p.m.6 views

SUSE-SU-2026:0278-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. -...

7.8CVSS6.7AI score0.00519EPSS
Exploits3References835
OSV
OSV
added 2026/01/18 10:12 p.m.55 views

CLSA-2026-1768774361 kernel: Fix of 31 CVEs

ip6vti: fix slab-use-after-free in decodesession6 CVE-2023-53821 - ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - wifi: mac80211hwsim: drop short frames CVE-2023-53321 - ext4: add bounds checking in getmaxinlinexattrvaluesize CVE-2023-53285 - md/raid10: fix null-ptr-deref in...

7.8CVSS7.1AI score0.00614EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001296)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001296 advisory. Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4updateinlinedata. An...

7.1CVSS6.7AI score0.02914EPSS
Exploits1References17
Rows per page
Query Builder