56 matches found
EUVD-2026-33905
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, this process can be interrupted by a SIGKILL signal, resulting in the return of the number of bytes...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: Call erofsonlinefoliosplit after bioaddfolio If bioaddfolio fails because it is full, erofsfileioscanfolio needs to submit the I/O request via erofsfileiorqsubmit and allocate a new I/O request with an empty stru...
SUSE CVE-2026-31514
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handled by vfsiocbiterread. However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio are...
CVE-2026-31514
The CVE-2026-31514 issue affects the Linux kernel erofs filesystem: I/O requests for file-backed mounts can be interrupted (SIGKILL) and cause unused folios to be incorrectly marked uptodate, potentially leading to data integrity problems or stale data exposure. Mitigation/patches address this by...
Linux Distros Unpatched Vulnerability : CVE-2026-31514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handl...
PT-2026-34419
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handled by vfs iocb iter read. However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio...
SUSE CVE-2026-23224
In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereaditer+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222 erofsfileiorqsubmit+0x12c/0x180 9.27000...
CVE-2026-23224
In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereaditer+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222 erofsfileiorqsubmit+0x12c/0x180 9.27000...
CVE-2026-23224
In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereaditer+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222 erofsfileiorqsubmit+0x12c/0x180 9.27000...
PT-2026-20450
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The EROFS filesystem may experience a use-after-free UAF condition when a file-backed mount with the directio option is enabled. This can lead to a system panic. The issue arises from a...
SUSE CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
EUVD-2025-201643
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
DEBIAN-CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302 media: videobuf2: forbid remove_bufs when legacy fileio is active
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302 media: videobuf2: forbid remove_bufs when legacy fileio is active
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302
CVE-2025-40302 is a Linux kernel issue in the media: videobuf2 path where vb2_ioctl_remove_bufs could affect the queue state when legacy fileio is active. The fix forbids the remove_bufs ioctl if fileio is active to protect internal queue pointers across read/write calls, preventing potential cor...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from disabling removebufs when legacy fileio is active, which could lead to corruption of the internal state of the...