Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: a potential memory leak has been fixed in ext4fcrecordregions. Since krealloc may return NULL, in this case, state-fcregions may not be freed by krealloc. However, state-fcregions is already set to NULL. This could lead to ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree. This is because...

EUVD-2026-29325

barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...

PT-2026-37068

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 filesystem where pending discard work is not properly handled during remounting. If a filesystem is initially mounted with the discard option and files are...

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

MiracleLinux 3 : kernel-2.6.18-308.7.AXS3 (AXSA:2012-1010:08)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-1010:08 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

PT-2026-8140

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a reference count leak within the ext4 file system. Specifically, the error branch in the ext4 xattr inode update ref function fails to relea...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992989)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992989 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting wi...

EUVD-2022-55853

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2023-53813

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

CVE-2023-53861

In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4mbgoodgroup Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a corrupted ext4 filesystem mbcache entry, which could lead to a deadlock...

CVE-2025-40198

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...

kernel: ext4: only dirty folios when data journaling regular files

In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortnam...

CVE-2023-53692

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without...

CVE-2023-53662 ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4fnamesetupfilename,preparelookup If the filename casefolding fails, we'll be leaking memory from the fscryptname struct, namely from the 'cryptobuf.name' member. Make sure we free it in the error pat...

CVE-2022-50428

CVE-2022-50428 affects the Linux kernel ext4 fast-commit journaling, caused by multiple off-by-one errors in filling tlv blocks. The issues constrain where tlvs start and end within a block, risking replay problems and memory leakage in last-byte handling. The fixed patch corrects block-filling o...

PT-2025-40150

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 filesystem related to the fast-commit journal. Specifically, uninitialized memory could be leaked to disk when space at the end of fast-commit...