CVE-2026-23156 efivarfs: fix error propagation in efivar_entry_get()

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivarentryget efivarentryget always returns success even if the underlying efivarentryget fails, masking errors. This may result in uninitialized heap memory being copied to userspace in the...

CVE-2025-68821

A flaw was found in the Linux kernel's Filesystem in Userspace FUSE subsystem. This vulnerability allows a local attacker to cause a system-wide deadlock. The flaw occurs due to incorrect handling of inode references during readahead operations when the FUSE server does not implement the open...

CVE-2025-40230

No description is available for this CVE. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability...

SUSE CVE-2025-40230

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

CVE-2025-40230

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

EUVD-2025-201229

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

CVE-2025-40230

CVE-2025-40230 covers a Linux kernel issue where memory error injections on a Transparent Huge Page (THP) mapped to userspace could trigger a kernel panic. The root cause: during THP splitting, the kernel reads THP pages to identify zeropage mappings while a memory failure is being handled, which...

CVE-2025-40230 mm: prevent poison consumption when splitting THP

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

Ensure That Mounting for Unnecessary File System Is Removed

Linux supports multiple file systems through kernel objects loaded to the kernel. As a universal OS platform, openEuler provides various kernel object files in the /lib/modules/kernel version/kernel/fs/ directory to support different file systems. You can run the insmod or modprobe command to loa...

PT-2024-35683 · Erofs +1 · Erofs +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null-ptr-deref issue was reported in fuse read args fill by syzbot. The issue affects file-backed mounts over FUSE. Unlike most filesystems, some network filesystems and FUSE need...

Debian: Security Advisory (DLA-238-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1989-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

jigawatts bug fix and enhancement update

An update is available for jigawatts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Jigawatts is a new package introduced in Rocky Linux 8.5 & 9.0 to facilitat...

OESA-2022-1593 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write. A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially...

Moderate: Red Hat Security Advisory: fuse security update

An update for fuse is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...

CRIU Privilege Acquisition Vulnerability

CRIU Checkpoint/Restore In Userspace is a set of Linux userspace userspace on the implementation of the checkpoint/restore function of the software to freeze and restore the execution of tools. The tool supports freezing or partially freezing the execution of an application and saving its executi...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) regression (USN-2910-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2910-2 advisory. USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics...

USN-2910-1 Linux kernel vulnerability | Cloud Foundry

USN-2910-1 Linux kernel vulnerability High Vendor Ubuntu Versions Affected Ubuntu 14.04 Description halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges...

USN-2908-3: Linux kernel (Raspberry Pi 2) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...