27 matches found
Astra Linux - vulnerability in linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4_find_extent when using bigalloc with inline data. Syzbot identified the following issue: loop0: A change in capacity was detected, from 0 to 2048. EXT4-fs loop0: The filesystem...
CLSA-2026-1777636990 Fix of 9 CVEs
CVE-2026-31431 - crypto: scatterwalk - Backport memcpy_sglist CVE-2026-31431 - crypto: algif_aead - use memcpy_sglist instead of null skcipher CVE-2026-31431 - crypto: algif_aead - Revert to operating out-of-place CVE-2026-31431 - crypto: algif_aead - snapshot IV for async AEAD requests CVE-2026-31431...
CVE-2026-31448
CVE-2026-31448 concerns the Linux kernel ext4 filesystem. The issue arises on mkdir/mknod when an extent insertion fails and ext4_ext_map_blocks() reclaims blocks without removing corresponding data from the extent tree, allowing the same physical block to be referenced by both directory and xatt...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0278-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0278-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-3832...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992744)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992744 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4_update_inline_data Syzbot found the following issue: EXT4-fs loop0: mount...
CVE-2022-50782 ext4: fix bug_on in __es_tree_search caused by bad quota inode
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got an issue as follows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid opcode: 0000 1 PREEMPT SMP...
CVE-2023-54021
In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4_mb_normalize_request We need to set ac_g_ex to notify the goal start used in ext4_mb_find_by_goal. Set ac_g_ex instead of ac_f_ex in ext4_mb_normalize_request. Besides we should assure goal start is in rang...
CVE-2023-54021 ext4: set goal start correctly in ext4_mb_normalize_request
In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4_mb_normalize_request We need to set ac_g_ex to notify the goal start used in ext4_mb_find_by_goal. Set ac_g_ex instead of ac_f_ex in ext4_mb_normalize_request. Besides we should assure goal start is in rang...
CVE-2022-50638
CVE-2022-50638 (Linux kernel) concerns an ext4 bug_on due to a boot loader inode corruption during ioctl-based swap of boot loader inodes, causing a kernel BUG in ext4_es_end via ext4 extents logic. The issue is triggered when boot loader inode is invalid or not a normal file (S_IFREG) and extent...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-094 (ALASKERNEL-5.15-2025-094)
The version of kernel installed on the remote host is prior to 5.15.196-137.219. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-094 advisory. In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentrie...
Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26772)
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-47701)
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
SUSE CVE-2022-50485
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy and crash when ext4_iget returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, becaus...
CLSA-2025-1753298962 kernel: Fix of 13 CVEs
udf: Fix a slab-out-of-bounds write bug in udf_find_entry CVE-2022-49846 - net: atm: fix use after free in lec_send CVE-2025-22004 - ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up CVE-2025-21887 - rcutorture: Fix ksoftirqd boosting timing and iteration CVE-2022-50177 - tty: n_gsm:...
Important: kernel-livepatch-6.1.131-143.221
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu CVE-2025-21927 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir CVE-2025-37785 Affected...
CLSA-2025-1747430034 Fix of 54 CVEs
Bionic update: upstream stable patchset 2022-04-13 LP: 1968932 // CVE- url: https://ubuntu.com/security/CVE-2022-23041 - xen/gnttab: fix gnttab_end_foreign_access without page specified Bionic update: upstream stable patchset 2023-01-20 LP: 2003596 // CVE- url:...
Important: kernel-livepatch-4.14.355-276.618
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete CVE-2024-47757 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse the buffer of the extents path CVE-2024-49882 In t...
CVE-2022-49708 ext4: fix bug_on ext4_mb_use_inode_pa
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/mballoc.c:3211! ... RIP: 0010:ext4_mb_mark_diskspace_used.cold+0x85/0x136f ... Cal...
CVE-2022-49408
CVE-2022-49408 involves a memory-leak in ext4 when parsing on-disk mount options in the Linux kernel. The root cause is memory allocated in ext4_fs_context not being freed if option processing fails; the fix replaces direct kfree() with ext4_fc_free(). Practical impact is a leak during mounting w...
CVE-2022-49349
CVE-2022-49349 is a Linux kernel vulnerability in the ext4 filesystem where a use-after-free occurs in ext4_rename_dir_prepare. The issue arises during ext4 directory block reads when a directory entry with an invalid rec_len can lead to a stale parent reference being used, enabling a use-after-f...