Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: A fix was made to perform a sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: A change in capacity was detected, from 0...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the removal of the unnecessary f2fsbugon function to avoid panics. The verifyblkaddr function will trigger panics once we introduce a fault into f2fsisvalidblkaddr; this unnecessary f2fsbugon function has been...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid potential deadlocks. The function f2fstrylockop was used in f2fswritecompressedpages to prevent potential deadlocks, just as we did in f2fswritesingledatapage...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: fixed to avoid a use-after-free condition on dic. Call trace: memcpy+0x128/0x250 f2fsreadmultipages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Synchronize atomic write aborts To address the race condition between atomic write aborts, I use the inode lock and ensure that the COW inode can be reused throughout the entire lifetime of the atomic file inode...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: The issue was fixed by dropping all dirty pages during umount if cperror is set. xfstest generic/361 reports a bug as follows: f2fsbugonsbi, sbi-fsyncnodenum; Kernel bug at fs/f2fs/super.c:1627. RIP:...

CVE-2026-31714

A flaw was found in the Linux kernel's F2FS Flash-Friendly File System component. This vulnerability, a memory leak, occurs within the f2fsrename function. A local attacker could exploit this by repeatedly performing file rename operations, leading to a gradual consumption of system memory. Over...

CVE-2026-31702

A flaw was found in the Linux kernel's F2FS Flash-Friendly File System component. A use-after-free vulnerability exists in the f2fscompresswriteendio function. This flaw is caused by a race condition during the compressed writeback completion path, where the system attempts to access memory that...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper memory release in the fscryptsetupfilename function within f2fsrename. This could le...

CVE-2026-23267

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix ISCHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes During SPO tests, when mounting F2FS, an -EINVAL error was returned from f2fsrecoverinodepage. The issue occurred under th...

UBUNTU-CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

CVE-2026-23267

The CVE-2026-23267 issue is a Linux kernel f2fs race where an IS_CHECKPOINTED flag inconsistency during atomic commits could cause an -EINVAL in f2fs_recover_inode_page. The root cause is a race between f2fs_ioc_commit_atomic_write and f2fs_write_checkpoint, with the last_folio’s nat_entry flag n...

ROS-20260317-73-0003

A vulnerability in the fs/f2fs/inode.c module of the Linux kernel is related to mutual blocking of execution threads. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where dcc-f2fsissuediscard was not invalidated during the error path. Syzbot reports a NULL pointer dereference issue as follows: refcountadd include/linux/refcount.h:193 inline refcountinc...

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...

DEBIAN-CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

UBUNTU-CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

CVE-2026-23233 f2fs: fix to avoid mapping wrong physical block for swapfile

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49859)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49859 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check atomicfile in f2fs...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001548 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscryptdopagecrypto in fs/crypto/crypto.c when operating on a fil...