100 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from...
CVE-2026-46175
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nodecnt competition between the destruction and write-back operations of extent nodes in f2fs...
CVE-2026-43349
A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. This vulnerability allows a local attacker to cause an uninitialized value access in the f2fssanitychecknodefooter function. This occurs when the system fails to read data from a device into a folio, potentially leading to...
UBUNTU-CVE-2026-43349
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: The issue of dereferencing a stale list iterator after the loop body has been executed has been fixed. The list iterator variable will become a bogus pointer if no break is executed. Dereferencing it in this case, cur-page...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: We can avoid a panic if the extenttree is not created. This patch prevents the following panics: pc: lookupextenttree+0xd8/0x760 lr: f2fsdowritedatapage+0x104/0x87c sp: ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to prevent race conditions during the fsyncentryslab access by multiple f2fs filesystem instances. As reported by syzbot, there is a use-after-free issue during f2fs recovery: A use-after-free occurs when...
CVE-2026-31715
A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...
CVE-2026-23265
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...
EUVD-2026-9404
In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...
CVE-2026-23233
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a deadlock issue in the f2fsenablecheckpoint function...
ROS-20260220-73-0008
A vulnerability in the totalvalidblockcount function of the fs/f2fs/f2fs.h library of the Linux kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260126-73-0036
A vulnerability in the f2fs component of the Linux operating system kernel is related to unchecked array indexing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001103)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001103 advisory. The sanitycheckckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004056)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004056 advisory. In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fsrecoverfsyncdata in fs/f2fs/recovery.c. This is...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002603)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002603 advisory. The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privilege...
CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...
SUSE CVE-2023-54192
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null pointer panic in tracepoint in replaceatomicwriteblock We got a kernel panic if oldaddr is NULL. https://bugzilla.kernel.org/showbug.cgi?id=217266 BUG: kernel NULL pointer dereference, address: 0000000000000000 Cal...