Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7922-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7922-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7939-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-2 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...

PT-2026-44298

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An inconsistency occurs in the f2fs file system during Foreground Garbage Collection FGGC node block migration. The Garbage Collection process fails to clear the dentry and fsync marks...

Astra Linux - уязвимость в f2fs-tools

There is an exploitable information disclosure vulnerability in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to an uninitialized read operation, resulting in information disclosure. An attacker can provide a malicious file to trigger this...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the f2fssanitychecknodefooter function in the f2fs file system. This function accesses...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Revert “f2fs: block cache/dio write during f2fsenablecheckpoint”. This revert commits 196c81fdd438f7ac429d5639090a9816abb9760a. The original patch might cause a deadlock; revert it. write remount - writebegin - lockpage --- lock ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013561 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla:...

USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

USN-8179-1 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

ROS-20260324-73-0009

A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

USN-8116-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...

f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes

...

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

UBUNTU-CVE-2026-23234

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fswriteendio As syzbot reported an use-after-free issue in f2fswriteendio. It is caused by below race condition: loop device umount - workerthread - loopprocesswork - doreqfilebacked - lorwaio -...

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...

CVE-2026-23232

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

PT-2026-22921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The f2fs file system in the Linux kernel contains a flaw related to out-of-bounds memory access and incorrect handling of integer values when reading and writing sysfs attributes...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001400 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in removedirtysegment in fs/f2fs/segment.c when mounting an f2fs image...