165 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed string copying in parseapplysbmountoptions. The strnlen function cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 “string.h: Introduce memtos...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for the double decrement of the dirty clusters count during shutdown. The fstests test for generic/388 occasionally produces a warning in ext4putsuper, associated with the count of dirty clusters: WARNING: CPU: 7; PID:...
SUSE-SU-2026:22137-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug cause...
ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access
...
ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()
...
SUSE CVE-2026-45920
In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...
SUSE CVE-2026-46094
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in checkxattrs to prevent out-of-bounds access The bounds check for the next xattr entry in checkxattrs uses void next = end, which allows next to point within sizeofu32 bytes of end. On the next loop...
CVE-2026-46002
A flaw was found in the Linux kernel's ext2 filesystem. A local attacker could create a specially crafted filesystem image with malformed inodes index nodes that, when mounted, would not be properly rejected by the ext2iget function. This could lead to a kernel warning and potentially a system...
UBUNTU-CVE-2026-46094
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in checkxattrs to prevent out-of-bounds access The bounds check for the next xattr entry in checkxattrs uses void next = end, which allows next to point within sizeofu32 bytes of end. On the next loop...
UBUNTU-CVE-2026-45920
In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...
CVE-2026-45912
In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entri...
CVE-2026-45892 ext4: drop extent cache after doing PARTIAL_VALID1 zeroout
In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...
PT-2026-43809
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ext4 file system between page migration and bitmap modification during mixed huge-page workloads. The issue occurs because the fast path of the load buddy...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by an invalid boot loader inode. We have the following issues: kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not tainted...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c within the ext4 subsystem of the Linux kernel, as of version 5.13.13...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed ext4mbmarkbb with flexbg and fastcommit. In the case of the flexbg feature which is enabled by default, extents for any given inode may span across blocks from two different block groups. ext4mbmarkbb only reads the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: refuses to create an EA block when umounted. The EA block expansion needs to access sroot, but sroot is already set to NULL when umount is triggered. This request is refused to avoid panic conditions...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Added bounds checking in getmaxinlinexattrvaluesize. Normally, extended attributes within the inode body would be checked when the inode was first opened. However, if someone writes to the block device while the file system...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where inline data checks might be performed during dio write operations has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a memory leak in parseapplysbmountoptions If processing the disk-mounted options fails after any memory has been allocated in the ext4FS context, such as for sqfnames, then this memory is leaked. This issue was...