321 matches found
PT-2022-35688 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220 Description: The issue is related to the ext4 file system, where a crash can occur when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...
PT-2022-35861 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to the ext4 file system, where a crash can occur when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...
PT-2022-35138 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a potential crash in the ext4 file system when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...
kernel: ext4: fix bug_on in ext4_writepages
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in ext4writepages we got issue as follows: EXT4-fs error device loop0: ext4mbgeneratebuddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------ cut here ------------ kernel...
kernel: race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-005)
The version of kernel installed on the remote host is prior to 5.10.62-55.141. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-005 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An...
CLSA-2022-1651146021 Fix of CVE: CVE-2022-0617, CVE-2021-40490, CVE-2021-29154, CVE-2022-0435, CVE-2021-4154, CVE-2021-3753, CVE-2021-38160, CVE-2021-45485, CVE-2021-3752, CVE-2021-41864, CVE-2021-4083, CVE-2021-26930
udf: Restore ilenAlloc when inode expansion fails Jan Kara CVE-2022-0617 - udf: Fix NULL ptr deref when converting from inline format Jan Kara CVE-2022-0617 - Bluetooth: fix use-after-free error in locksocknested Wang ShaoBo CVE-2021-3752 - vtkdsetmode: extend console locking Linus Torvalds...
OESA-2021-1366 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.CVE-2021-40490 A flaw was found in the KVM's AMD code for supporting SVM nested virtualizatio...
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
...
DEBIAN-CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
UBUNTU-CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
PT-2021-4245 · Linux +7 · Linux Kernel +7
Name of the Vulnerable Software and Affected Versions: Linux kernel versions up to 5.13.13 Description: A race condition was discovered in the ext4 write inline data end function in the ext4 subsystem. This issue may allow an attacker to impact the integrity, availability, and confidentiality of...
kernel: out-of-bounds memcpy in fs/ext4/inline.c:ext4_read_inline_data() with crafted ext4 image
The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or...
Medium: kernel
Issue Overview: The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memor...
PT-2018-2583 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a stack-out-of-bounds write in the ext4 filesystem code. Specifically, the ext4 update inline data function is vulnerable when mounting and writing to a crafted...
Linux ext4: out-of-bounds memcpy via non-inline system.data xattr(CVE-2018-11412)
ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...
Linux Kernel ext4_read_inline_data() Memory Corruption
ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...
Linux Kernel 4.16.11 #LinuxKernel - #ext4_read_inline_data() Memory Corruption Exploit
Exploit for linux platform in category dos / poc ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode...
Linux kernel memory corruption vulnerability (CNVD-2018-10582)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 4.13 through 4.16.11, which stems from the 'ext4readinlinedata' function in the fs/ext4/inline.c file using an...
DEBIAN-CVE-2018-11412
In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode...