Lucene search
+L

155 matches found

RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.6 views

kernel: ext4: do not create EA inode under buffer lock

A vulnerability was found in the Linux kernel's ext4 filesystem, where the system could create EA inodes while holding a buffer lock, this approach can lead to deadlocks, especially if the filesystem is corrupted...

5.5CVSS7.4AI score0.00221EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.6 views

kernel: ext4: do not create EA inode under buffer lock

A vulnerability was found in the Linux kernel's ext4 filesystem, where the system could create EA inodes while holding a buffer lock, this approach can lead to deadlocks, especially if the filesystem is corrupted...

5.5CVSS7.4AI score0.00221EPSS
Exploits0References5
OSV
OSV
added 2024/09/13 6:15 a.m.6 views

UBUNTU-CVE-2024-46695

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inodesetsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashin...

4.4CVSS6.3AI score0.00219EPSS
Exploits0References18
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.2 views

jfs: xattr: fix buffer overflow for invalid xattr

...

7.8CVSS7.3AI score0.00317EPSS
Exploits1
OSV
OSV
added 2024/07/29 3:15 p.m.5 views

AZL-47980 CVE-2024-41076 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4setsecuritylabel We leak nfsfattr and nfs4label every time we set a security xattr...

5.5CVSS6.7AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.5 views

UBUNTU-CVE-2024-41076

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4setsecuritylabel We leak nfsfattr and nfs4label every time we set a security xattr...

5.5CVSS6.5AI score0.00209EPSS
Exploits0References17
OSV
OSV
added 2024/07/29 7:15 a.m.3 views

DEBIAN-CVE-2024-41017

In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check before traversing the members of the ealist to ensure that each ea remains within the scope o...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2024/07/17 3:32 a.m.5 views

SUSE CVE-2024-40972

In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4xattrsetentry creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking which acquires locks on othe...

4.7CVSS6.8AI score0.00221EPSS
Exploits0References15
OSV
OSV
added 2024/07/12 1:55 p.m.18 views

SUSE-SU-2024:2463-1 Security update for squashfs

This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...

8.1CVSS7.7AI score0.0691EPSS
Exploits2References8
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

DEBIAN-CVE-2024-40972

In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4xattrsetentry creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking which acquires locks on othe...

5.5CVSS5.5AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential deadlock issue in the ext4 file system when creating an EA inode...

5.5CVSS8.2AI score0.00221EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/25 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sanitycheckinode function not performing a sanity check on ixattrnid...

7.1CVSS6.5AI score0.00238EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between the xattrset|get and listxattr operations...

5.5CVSS4.8AI score0.00236EPSS
Exploits0References7
OSV
OSV
added 2024/04/03 5:15 p.m.1 views

DEBIAN-CVE-2023-52640

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfslistxattr The length of name cannot exceed the space occupied by ea...

7.1CVSS6AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.8 views

PT-2024-29186

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the ext4 file system in the Linux kernel. The function ext4 xattr set entry creates new EA inodes while holding a buffer lock on the external xattr block. This ca...

7.5CVSS5.7AI score0.00221EPSS
Exploits0
OSV
OSV
added 2024/03/15 11:7 a.m.13 views

OESA-2024-1284 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the...

7.8CVSS7.3AI score0.00615EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.26 views

openSUSE: Security Advisory for squashfs (SUSE-SU-2023:4591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.0691EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.1 views

kernel: ext4: fix deadlock due to mbcache entry corruption

A deadlock vulnerability was found in the ext4 filesystem in the Linux kernel. When manipulating extended attribute xattr blocks, a race condition in non-atomic bitfield updates can cause the mbcache entry state to become corrupted. This leads to an infinite loop in ext4xattrblockset where the co...

7.1AI score0.0022EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/18 12:0 a.m.15 views

PT-2025-54151

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 filesystem implementation. Specifically, the issue involves handling extended attribute ea block expansion during unmounting. The process require...

7.8CVSS7AI score0.00462EPSS
Exploits2References911
Rows per page
Query Builder