2117 matches found
AZL-72455 CVE-2025-68264 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
AZL-72469 CVE-2025-68261 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
CVE-2025-68264
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
CVE-2025-68261
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
UBUNTU-CVE-2025-68261
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
UBUNTU-CVE-2025-68264
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
CVE-2025-68264
In CVE-2025-68264, the Linux kernel ext4 inline data path is vulnerable to a race where i_inline_size can become stale between the initial size check and the actual write. Specifically, a concurrent xattr operation may change i_inline_size after ext4_get_max_inline_size() passes the check but bef...
CVE-2025-68264
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
CVE-2025-68264 ext4: refresh inline data size before write operations
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
CVE-2025-68264 ext4: refresh inline data size before write operations
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...
CVE-2025-68261
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
CVE-2025-68261
CVE-2025-68261 concerns a race in ext4 where inline data destruction (ext4_destroy_inline_data_nolock) and block mapping (ext4_map_blocks) can concurrently modify inode layout, causing a state where EXT4_INODE_EXTENTS flag is observed incorrectly and triggers a kernel BUG in fs/ext4/indirect.c (l...
CVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
CVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to refresh the inline data size before a write operation in ext4...
Linux Distros Unpatched Vulnerability : CVE-2025-68261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ext4destroyinlinedatanolock missing idatasem protection in ext4...
Linux Distros Unpatched Vulnerability : CVE-2025-68264
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when...
Denial-of-service (DoS)
pypdf is vulnerable to a Denial-of-service DoS. The vulnerability is due to improper handling of inline images using the DCTDecode filter during PDF content stream parsing, which allows an attacker to craft a malicious PDF that triggers an infinite loop and causes CPU exhaustion...
EUVD-2025-202979
The Hide Email Address plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inlinecss' parameter in the bg-hide-email-address shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This make...