815 matches found
CVE-2026-43288
A flaw was found in the Linux kernel's ext4 filesystem. A local user can trigger a system panic, leading to a Denial of Service DoS, by mounting a specially crafted ext4 filesystem with specific quota and project options. This occurs because a per-CPU counter is accessed before it is properly...
CVE-2026-43065
A flaw was found in the ext4 filesystem within the Linux kernel. When an ext4 filesystem is initially mounted with the 'discard' option and then remounted with 'nodiscard', pending discard operations may not be properly cancelled or flushed. This can lead to unhandled resource operations if the...
CVE-2026-43068
A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs when the system attempts to allocate blocks from a corrupted block group within the ext4 filesystem. An attacker with local access could potentially trigger this condition, leading to delayed block allocation failur...
CVE-2026-43067
A flaw was found in the ext4 filesystem within the Linux kernel. This vulnerability involves an issue where the system incorrectly handles block allocation for indirect mapped files, potentially allowing blocks to be allocated beyond their defined 32-bit limit. This could lead to data corruption ...
SUSE CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
Linux Distros Unpatched Vulnerability : CVE-2026-43067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit...
EUVD-2026-27368
In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 "ext4: always allocate blocks only from groups inode can use" restricts what blocks will be allocated for indirect block based files...
CVE-2026-43066
CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...
CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we previously set the SBRDONLY flag to prevent any further modifications to the filesystem. We knew that this approach misse...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Regenerate the buddy structure after block freeing fails when under fc replay. This fix primarily reverts to commit 6bd97bf273bd “ext4: Remove redundant mbregeneratebuddy”, and reintroduces the function mbregeneratebuddy...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A use-after-free vulnerability was discovered in the Linux kernel’s ext4 file system, particularly regarding the handling of the additional inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CLSA-2026-1777614651 kernel: Fix of 52 CVEs
crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...
ext4: avoid infinite loops caused by residual data
...
SUSE CVE-2026-31446
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...
CVE-2026-31452
A flaw was found in the Linux kernel's ext4 filesystem. A local user could exploit a vulnerability where the truncate function, when used to expand a file beyond its inline data capacity, fails to properly convert the file to extent-based storage. This inconsistency can lead to a kernel crash BUG...
CVE-2026-31451
A flaw was found in the Linux kernel's ext4 filesystem. When processing inline data, if the data size exceeded the expected page size, it could lead to a kernel panic. This issue could be triggered by a local user with access to a specially crafted or corrupted ext4 filesystem, resulting in a...