SUSE CVE-2026-43188

In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, movedirtyfolioinpagearray may fail because it needs to allocate bounce buffers to store the encrypted versions of each folio. Each foli...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000959 advisory. A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...

EUVD-2023-60096

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

CVE-2023-53810 blk-mq: release crypto keyslot before reporting I/O complete

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

EUVD-2015-8169

Malware in sbrugna...

EUVD-2022-55578

Malicious code in bioql PyPI...

EUVD-2024-43724

Malicious code in bioql PyPI...

CVE-2022-50277 ext4: don't allow journal inode to have encrypt flag

In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...

[SECURITY] Fedora 41 Update: fscrypt-0.3.5-2.fc41

fscrypt is a high-level tool for the management of Linux filesystem encryptio n. This tool manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories...

PT-2024-33541 · Opensuse · Tumbleweed

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves the insecure creation of temporary files, which can be exploited by local users on systems with non-default configurations. This can...

USN-3342-2 linux-hwe vulnerabilities

USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. USN-3333-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions...

USN-3342-1: Linux kernel vulnerabilities

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...

Linux Kernel Denial of Service Vulnerability (CNVD-2017-10818)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the U.S. The NFSv4 implementation is one of the distributed file system protocols. A security vulnerability exists in the 'fscryptprocesspolicy' function in the fs/crypto/policy.c file of the ex...

USN-3265-2 linux-lts-xenial vulnerabilities

USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption...

USN-3265-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation G...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3265-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3265-1 advisory. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause...

UBUNTU-CVE-2016-10318

A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of...

Authorization

A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of...

CVE-2016-10318

The CVE-2016-10318 issue affects the Linux kernel’s ext4 and f2fs filesystem encryption support (fs/crypto/policy.c). It is caused by a missing authorization check in fscrypt_process_policy, allowing a user to assign an encryption policy to a directory owned by another user, which can lead to a d...

CVE-2015-8281

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations...