EUVD-2026-38990

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The abort logic in btrfsreplacefileextents has been fixed. Error injection testing uncovered a case where a corrupt file system could occur, with an missing extent in the middle of a file. This occurs because the if...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed an issue where the buffer of extents was freed twice. In ext4exttrytomergeup, the path1.pbh was set to NULL after it was released. Otherwise, it might be released twice. An example of what triggers this is as...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a double-free of blocks due to incorrect movedlen values during extent movements. In ext4moveextents, movedlen is updated only when all movements are successfully executed. It also discards preallocations of originode...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a deadlock that occurred when cloning inline extents and using qgroups. There are a few exceptional cases where cloning an inline extent requires copying the inline extent data into a page of the destination inode...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: fixed an issue where the algorithm used for encoded extents was invalid. The current algorithm sanity checks do not properly apply to newly encoded extents. We need to unify the algorithm checks with the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix an issue where overflowing extents beyond the inode size occurs during partial writing. The daxiomaprw function does two things in each iteration: it maps the written blocks and copies user data to those blocks. If...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Detecting invalid INLINEDATA + EXTENTS flag combinations Syzbot reported a bug in ext4escacheextent when opening a Verity file on a corrupted ext4 file system that was mounted without a journal. The issue arises when the fi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Clearing the extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fsdax: Force the dirty mark to be cleared if CoW is used XFS allows CoW on non-shared extents to combat fragmentation1. The old non-shared extent can be rewritten before use; its dax entry is marked as “dirty”. This results in a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed the classification of interlaced plain extents for encoded extents. Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not call BUGON when encountering ENOMEM during the dropping of file extent items within a given range. If -ENOMEM occurs while dropping file extent items within a specified range, at btrfsDropExtents, the transaction ma...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents. When merging very long extents, we try to assign as much length as possible to the first extent. However, this is unnecessarily complicated and not really worth the effort. Moreover,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Ensure that the correct amount of memory is released during direct IO write operations. Running generic/406 causes the following warning in btrfsdestroy inode, indicating that there are still outstanding extents...

SUSE CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

SUSE CVE-2026-45912

In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entri...

SUSE CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

CVE-2026-45912

A flaw was found in the Linux kernel's ext4 filesystem. During certain file operations, specifically when splitting data extents, an issue with caching can lead to incorrect tracking of disk space. This can result in errors in space accounting, potentially impacting data integrity and the overall...

CVE-2026-45948

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs in the ext4extshiftextents function, where a memory leak can happen if the function returns prematurely without releasing a previously obtained path. A local attacker could potentially exploit this to cause a denial...