Lucene search
K

321 matches found

Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.4 views

PT-2022-35688 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220 Description: The issue is related to the ext4 file system, where a crash can occur when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.10 views

PT-2022-35861 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to the ext4 file system, where a crash can occur when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.6 views

PT-2022-35138 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a potential crash in the ext4 file system when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...

7.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.3 views

kernel: ext4: fix bug_on in ext4_writepages

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in ext4writepages we got issue as follows: EXT4-fs error device loop0: ext4mbgeneratebuddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------ cut here ------------ kernel...

5.5CVSS6.3AI score0.00283EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.8 views

kernel: race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem

A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7CVSS6.6AI score0.00303EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/02 12:0 a.m.42 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-005)

The version of kernel installed on the remote host is prior to 5.10.62-55.141. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-005 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An...

8.8CVSS6.5AI score0.00658EPSS
Exploits3References15
OSV
OSV
added 2022/04/28 11:40 a.m.7 views

CLSA-2022-1651146021 Fix of CVE: CVE-2022-0617, CVE-2021-40490, CVE-2021-29154, CVE-2022-0435, CVE-2021-4154, CVE-2021-3753, CVE-2021-38160, CVE-2021-45485, CVE-2021-3752, CVE-2021-41864, CVE-2021-4083, CVE-2021-26930

udf: Restore ilenAlloc when inode expansion fails Jan Kara CVE-2022-0617 - udf: Fix NULL ptr deref when converting from inline format Jan Kara CVE-2022-0617 - Bluetooth: fix use-after-free error in locksocknested Wang ShaoBo CVE-2021-3752 - vtkdsetmode: extend console locking Linus Torvalds...

9CVSS6.8AI score0.67994EPSS
Exploits7References1
OSV
OSV
added 2021/09/30 11:3 a.m.4 views

OESA-2021-1366 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.CVE-2021-40490 A flaw was found in the KVM's AMD code for supporting SVM nested virtualizatio...

8.8CVSS6.1AI score0.0066EPSS
Exploits2References4
Microsoft CVE
Microsoft CVE
added 2021/09/11 7:0 a.m.5 views

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

...

7CVSS7AI score0.00303EPSS
Exploits0
OSV
OSV
added 2021/09/03 1:15 a.m.9 views

DEBIAN-CVE-2021-40490

A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...

7CVSS6.3AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2021/09/03 1:15 a.m.7 views

UBUNTU-CVE-2021-40490

A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...

7CVSS6.7AI score0.00303EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2021/08/30 12:0 a.m.12 views

PT-2021-4245 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions up to 5.13.13 Description: A race condition was discovered in the ext4 write inline data end function in the ext4 subsystem. This issue may allow an attacker to impact the integrity, availability, and confidentiality of...

9.8CVSS7.5AI score0.93838EPSS
Exploits350References1805
RedHat Linux
RedHat Linux
added 2019/03/13 2:11 a.m.3 views

kernel: out-of-bounds memcpy in fs/ext4/inline.c:ext4_read_inline_data() with crafted ext4 image

The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or...

5.9CVSS7.1AI score0.16352EPSS
Exploits4References4
Amazon
Amazon
added 2018/07/23 12:0 a.m.4 views

Medium: kernel

Issue Overview: The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memor...

5.9CVSS5.9AI score0.16352EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2018/06/16 12:0 a.m.7 views

PT-2018-2583 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a stack-out-of-bounds write in the ext4 filesystem code. Specifically, the ext4 update inline data function is vulnerable when mounting and writing to a crafted...

8.8CVSS7.2AI score0.93838EPSS
Exploits91References731
seebug.org
seebug.org
added 2018/06/08 12:0 a.m.197 views

Linux ext4: out-of-bounds memcpy via non-inline system.data xattr(CVE-2018-11412)

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

0.2AI score0.16352EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/06/05 12:0 a.m.51 views

Linux Kernel ext4_read_inline_data() Memory Corruption

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

0.3AI score0.16352EPSS
Exploits4
0day.today
0day.today
added 2018/06/05 12:0 a.m.94 views

Linux Kernel 4.16.11 #LinuxKernel - #ext4_read_inline_data() Memory Corruption Exploit

Exploit for linux platform in category dos / poc ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode...

6.6AI score0.16352EPSS
Exploits4
CNVD
CNVD
added 2018/05/28 12:0 a.m.2 views

Linux kernel memory corruption vulnerability (CNVD-2018-10582)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 4.13 through 4.16.11, which stems from the 'ext4readinlinedata' function in the fs/ext4/inline.c file using an...

5.9CVSS6.9AI score0.16352EPSS
Exploits4References1
OSV
OSV
added 2018/05/24 6:29 p.m.3 views

DEBIAN-CVE-2018-11412

In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode...

5.9CVSS7.4AI score0.16352EPSS
Exploits4References1
Rows per page
Query Builder