179 matches found
CVE-2026-53303
A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability allows for potential out-of-bounds memory access or the display of stale data. It occurs because the extensionlist and related counts are read without proper synchronization, enabling a concurrent system file system sysfs...
CVE-2026-53303
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
CVE-2026-53017
A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability can lead to data loss when a file synchronization fsync operation on a newly created file occurs at the same time as a checkpoint operation. The system incorrectly assumes that a checkpoint has completed, which can result ...
CVE-2026-53018
A flaw was found in the Linux kernel's f2fs filesystem. During garbage collection, a race condition can occur when a page is moved and updated, but the system attempts to read it again from an outdated location. This can trigger a kernel bug, leading to a system crash and a denial of service DoS....
CVE-2026-46194
A flaw was found in the Linux kernel's f2fs filesystem. A race condition exists between the f2fsdestroyextentnode function and concurrent writeback operations. This occurs because f2fsdestroyextentnode does not properly set a flag FINOEXTENT before clearing extent nodes, allowing new extent nodes...
CVE-2026-46194
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from f2fsdropinode with ISYNC set, concurrent kworker writeback can insert n...
EUVD-2026-32802
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed the issue where f2fswaitonpagewriteback was called in f2fswriterawpages. A BUG will be triggered when writing files concurrently, because the same page may be written back multiple times. The bug occurs at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. We need to allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition as described below. Create a file with a...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: The online repair mechanism for corrupted directories has been removed. The syzbot reports the following f2fs bug: Kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevict inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call trace:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010968)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010968 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a...
ROS-20260408-73-0006
A vulnerability in the fs/f2fs component of the Linux operating system kernel is related to a buffer overflow on the stack. Exploitation of the vulnerability allows an attacker to cause a denial of service...
CVE-2026-23267 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix ISCHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes During SPO tests, when mounting F2FS, an -EINVAL error was returned from f2fsrecoverinodepage. The issue occurred under th...
Linux Distros Unpatched Vulnerability : CVE-2026-23233
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951...
SUSE CVE-2026-23233
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...
EUVD-2026-9405
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...
DEBIAN-CVE-2026-23233
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...
PT-2026-22920
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a use-after-free issue in the f2fs write end io function. This issue occurs due to a race condition where memory associated with the superblock sbi is freed whi...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: vmunmapram may be called from an invalid context When testing F2FS with xfstests using UFS-backed virtual disks, the kernel sometimes reports that f2fsreleasedecompmem calls vmunmapram from an invalid context. An example...