Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free in ext4orphancleanup. I identified the issue as follows: BUG: KASAN: Use-after-free in listaddvalid+0x28/0x1a0. Read of size 8 at address ffff88814b13f378 by task mount/710. CPU: 1 PID: 710 Comm:...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013694 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011260)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011260 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4IGETBAD flag to prevent unexpected bad inode There are many places that will get...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011133)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011133 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do...

USN-8056-1 u-boot vulnerabilities

Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this issue to obtain sensitive memory contents. CVE-2024-42040 It was discovered that U-Boot incorrectly handled symlink size calculations in squashfs file systems...

USN-8056-1: U-Boot vulnerabilities

Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this issue to obtain sensitive memory contents. CVE-2024-42040 It was discovered that U-Boot incorrectly handled symlink size calculations in squashfs file systems...

Ubuntu 22.04 LTS / 24.04 LTS : U-Boot vulnerabilities (USN-8056-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8056-1 advisory. Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this iss...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38337)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38337 advisory. - In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref i...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004474 advisory. ext4protectreservedinode in fs/ext4/blockvalidity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service soft lockup via a crafted journal...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004016)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004016 advisory. ext4protectreservedinode in fs/ext4/blockvalidity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service soft lockup via a crafted journal...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002557)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002557 advisory. The ext4iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero ilinkscount, which allows attackers ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003397 advisory. The ext4iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero ilinkscount, which allows attackers ...

CVE-2022-50845

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2022-50845

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

UBUNTU-CVE-2022-50845

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2022-50730

CVE-2022-50730 affects the Linux kernel's ext4 eviction path: when evicting inodes with dioread_nolock, a corner case warning (WARN_ON_ONCE) could be triggered due to i_io_list handling, potentially following unwritten extents conversions. The issue does not describe a use-after-free vulnerabilit...

PT-2025-53148

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ext4 quota handling. Specifically, a bug in the es tree search function can occur due to a bad quota inode. This issue arises when the inode...

PT-2025-53034

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the ext4 subsystem related to inode eviction with dioread nolock. Specifically, a warning could occur when evicting an inode, potentially due to...