SUSE CVE-2026-45861

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

CVE-2026-45961

A flaw was found in the Linux kernel's GFS2 filesystem. When a GFS2 filesystem transitions to read-write mode, specific error handling paths within the gfs2fillsuper function fail to properly deallocate memory. This can lead to memory leaks of kernel thread objects and quota bitmap buffers. Over...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gfs2 module failing to remove quota data objects from the LRU list in the qdput function. Thi...

CVE-2026-43262

In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2fiemap, we are calling iomapfiemap while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers a page...

PT-2026-37602

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the gfs2 fiemap function where iomap fiemap is called while the inode glock global lock is held. This can result in recursive glock acquisition if the fiemap buffer is...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A NULL pointer dereference issue was discovered in the gfs2 file system within the Linux kernel. This issue occurs in corrupted gfs2 file systems when the evict code attempts to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could explo...

USN-8143-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000588 advisory. An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry. Tenable has...

EUVD-2025-201217

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlmputlock In gdlmputlock, there is a small window of time in which the DFLUNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlmast and gdlmbast...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortnam...

EUVD-2010-0753

Malware in sbrugna...

DEBIAN-CVE-2025-38710

In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate idepth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in direread, causing an undefined shift by 32 at: index = hash 32 - dip-idepth; As calculated in an open-coded way in...

CVE-2025-38710 gfs2: Validate i_depth for exhash directories

In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate idepth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in direread, causing an undefined shift by 32 at: index = hash 32 - dip-idepth; As calculated in an open-coded way in...

kernel security update

4.18.0-553.71.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

CVE-2025-38659

In the Linux kernel, the following vulnerability has been resolved: gfs2: No more self recovery When a node withdraws and it turns out that it is the only node that has the filesystem mounted, gfs2 currently tries to replay the local journal to bring the filesystem back into a consistent state. N...

OESA-2025-1569 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading superblock Fuzzers like to scribble over sbbsizeshift but in reality it's very unlikely that this field would be corrupted...

SUSE CVE-2022-49769

In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading superblock Fuzzers like to scribble over sbbsizeshift but in reality it's very unlikely that this field would be corrupted on its own. Nevertheless it should be checked to avoid the...

kernel: gfs2: Fix potential glock use-after-free on unmount

A vulnerability was found in the Linux kernel within the gfs2 component, where potential use-after-free issues could occur on unmount. When DLM lockspaces are released with remaining locks, callbacks for asynchronous lock contention may access freed objects, causing unexpected behavior...

RHSA-2010:0331 Red Hat Security Advisory: GFS-kernel security and bug fix update

Bulletin has no description...

RHSA-2010:0521 Red Hat Security Advisory: gfs-kmod security update

Bulletin has no description...