30 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c:825! Call...
Malicious code in node-app-doctor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector addccbccd4c3c52cd67098a571ed77a4f55ea2303746f421b22b5bbf175a345e collect.js gathers host identifiers via os.hostname and os.homedir, reads local filesystem state with fs.existsSync, spawns childprocess commands, an...
MAL-2026-5733 Malicious code in node-app-doctor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector addccbccd4c3c52cd67098a571ed77a4f55ea2303746f421b22b5bbf175a345e collect.js gathers host identifiers via os.hostname and os.homedir, reads local filesystem state with fs.existsSync, spawns childprocess commands, an...
CVE-2026-46175
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...
CVE-2026-46175
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...
CVE-2026-46175
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid the use of f2fsbugon in decvalidnodecount. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in the F2FS file system in the kernel version...
ALPINE-CVE-2026-21715
A flaw in Node.js Permission Model filesystem enforcement leaves fs.realpathSync.native without the required read permission checks, while all comparable filesystem functions correctly enforce them. As a result, code running under --permission with restricted --allow-fs-read can still use...
CVE-2023-53766 FS: JFS: Check for read-only mounted filesystem in txBegin
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990234)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990234 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bound...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989778)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989778 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla:...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the sanity check on sbi-totalvalidblockcount. syzbot reported a f2fs bug as follows: ------------ cut here ------------ Kernel BUG at fs/f2fs/f2fs.h:2521! RIP: 0010:decvalidblockcount + 0x3b2/0x3c0, fs/f2fs/f2fs.h:252...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-383586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383586 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported...
EUVD-2025-26757
Malicious code in bioql PyPI...
SUSE CVE-2025-38712
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...
UBUNTU-CVE-2025-38712
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...
SUSE CVE-2022-49364
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4...
DEBIAN-CVE-2022-49380
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fsbugon in decvalidnodecount As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable...
DEBIAN-CVE-2022-49364
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4...
UBUNTU-CVE-2022-49364
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4...