UBUNTU-CVE-2026-46329

In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-backed mounts I/O requests beyond the end of the filesystem should be zeroed out, similar to loopback devices and that is what we expect...

fs/ntfs3: Initialize allocated memory before use

...

EUVD-2006-4135

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-26544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 6.0.8, there is a use-after-free in rununpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size...

CVE-2025-38232 NFSD: fix race between nfsd registration and exports_proc

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exportsproc As of now nfsd calls createprocexportsentry at start of initnfsd and cleanup by removeprocentry at last of exitnfsd. Which causes kernel OOPs if there is race between below...

CLSA-2025-1742374400 grub2: Fix of 2 CVEs

Sign by Cloudlinux - CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never written beyond the boundary - CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver...

Linux Distros Unpatched Vulnerability : CVE-2024-45783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL...

Tuxera NTFS-3G Security Vulnerability

Tuxera NTFS-3G is an open source, cross-platform set of drivers from the Finnish company Tuxera to support reading and writing NTFS partitions. A security vulnerability exists in NTFS-3G versions prior to 75dcdc2, which stems from the discovery of ntfsuppercasembs in libntfs-3g/unistr.c that...

RHEL 7 : grub2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling CVE-2021-3696 -...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1427)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: grub2

Issue Overview: No CVE associated with this advisory Affected Packages: grub2 Issue Correction: Run dnf update grub2 --releasever 2023.2.20231030 or dnf update --advisory ALAS2023-2023-408 --releasever 2023.2.20231030 to update your system. More information on how to update your system can be fou...

CVE-2023-4692

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...

Design/Logic Flaw

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...

PT-2022-6379 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.0.8 Description: The issue is related to a use-after-free vulnerability in the ntfs trim fs function of the fs/ntfs3/bitmap.c component in the Linux kernel. This vulnerability may allow an attacker to impact the...

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

...

Tuxera NTFS-3G 缓冲区错误漏洞

NTFS-3G is a stable, full-featured, read/write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku and other operating systems. An out-of-bounds read vulnerability exists in ntfsielookup in versions prior to NTFS-3G 2021.8.22. An attacker can exploit this...

CVE-2018-12930

A flaw was found in ntfsendbufferasyncread in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem. Due to the nature of the flaw,...

CVE-2018-12930

ntfsendbufferasyncread in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...

CVE-2018-12930

ntfsendbufferasyncread in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...

Stack overflow

ntfsendbufferasyncread in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...