44 matches found
CVE-2026-46124
CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...
CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
PT-2026-44247
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs export iget isofs fh to dentry and isofs fh to parent pass an attacker- controlled block number ifid-block or ifid-parent block from the NFS file handle to isofs export...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the isofs exportiget function not verifying the block number in the NFS file handle, potentially...
CVE-2026-46002
A flaw was found in the Linux kernel's ext2 filesystem. A local attacker could create a specially crafted filesystem image with malformed inodes index nodes that, when mounted, would not be properly rejected by the ext2iget function. This could lead to a kernel warning and potentially a system...
CVE-2026-46002 ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()
In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero inlink and valid mode in ext2iget ext2iget already rejects inodes with inlink == 0 when imode is zero or idtime is set, treating them as deleted. However, the case of inlink == 0 with a non-zero mode...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Added the EXT4IGETBAD flag to prevent unexpected bad inodes. There are many places that may encounter problems and crash when ext4iget returns a bad inode. However, if the iget function returns a bad inode, it may not be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the inode leak in btrfsiget. BUG There is a bug report that a syzbot reproducer can cause the following issue: A busy inode occurs at the time of unmount: - BTRFS info device loop1: Last unmount of the filesystem...
SUSE CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
EUVD-2026-27359
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
PT-2026-37066
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfs attri recover work xlog recovery iget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006995)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006995 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4IGETBAD flag to prevent unexpected bad inode There are many places that will get...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007520)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007520 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4IGETBAD flag to prevent unexpected bad inode There are many places that will get...
SUSE CVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...
CVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...
UBUNTU-CVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...
EUVD-2026-5058
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...
CVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...