EUVD-2026-39259

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

CVE-2026-23156 efivarfs: fix error propagation in efivar_entry_get()

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivarentryget efivarentryget always returns success even if the underlying efivarentryget fails, masking errors. This may result in uninitialized heap memory being copied to userspace in the...

CVE-2025-68821

A flaw was found in the Linux kernel's Filesystem in Userspace FUSE subsystem. This vulnerability allows a local attacker to cause a system-wide deadlock. The flaw occurs due to incorrect handling of inode references during readahead operations when the FUSE server does not implement the open...

CVE-2025-40230

No description is available for this CVE. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability...

SUSE CVE-2025-40230

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

CVE-2025-40230

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

CVE-2025-40230 mm: prevent poison consumption when splitting THP

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

EUVD-2025-201229

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

CVE-2025-40230

CVE-2025-40230 covers a Linux kernel issue where memory error injections on a Transparent Huge Page (THP) mapped to userspace could trigger a kernel panic. The root cause: during THP splitting, the kernel reads THP pages to identify zeropage mappings while a memory failure is being handled, which...

Ensure That Mounting for Unnecessary File System Is Removed

Linux supports multiple file systems through kernel objects loaded to the kernel. As a universal OS platform, openEuler provides various kernel object files in the /lib/modules/kernel version/kernel/fs/ directory to support different file systems. You can run the insmod or modprobe command to loa...

PT-2024-35683 · Erofs +1 · Erofs +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null-ptr-deref issue was reported in fuse read args fill by syzbot. The issue affects file-backed mounts over FUSE. Unlike most filesystems, some network filesystems and FUSE need...

Debian: Security Advisory (DSA-1989-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-238-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the FUSE file system in Linux kernel allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the FUSE file system in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

jigawatts bug fix and enhancement update

An update is available for jigawatts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Jigawatts is a new package introduced in Rocky Linux 8.5 & 9.0 to facilitat...

OESA-2022-1593 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write. A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially...

The vulnerability in the implementation of the ntfs_get_attribute_value function of the NTFS file system driver for the FUSE NTFS-3G module allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ntfsgetattributevalue function in the NTFS file system driver for the FUSE NTFS-3G module is related to an incorrect check of the bytesinuse value. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service...

The vulnerability in the implementation of the FUSE file system in Linux kernels allows a hacker to cause a service failure.

The vulnerability of the FUSE file system implementation in Linux operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...

Moderate: Red Hat Security Advisory: fuse security update

An update for fuse is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...