2117 matches found
CVE-2025-40167
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
ext4: detect invalid INLINE_DATA + EXTENTS flag combination
...
PT-2025-51677
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to inline data handling within the ext4 filesystem. A stale cached value for i inline size can occur due to concurrent xattr operations, leading ...
PT-2025-46925
Name of the Vulnerable Software and Affected Versions Apollo Federation versions prior to 2.9.5 Apollo Federation versions prior to 2.10.4 Apollo Federation versions prior to 2.11.5 Apollo Federation versions prior to 2.12.1 Description Apollo Federation is an architecture for composing APIs into...
EUVD-2025-124916
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
AZL-69992 CVE-2025-40167 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CVE-2025-40167
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
UBUNTU-CVE-2025-40167
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CVE-2025-40167
CVE-2025-40167 affects the Linux kernel ext4 filesystem. The issue occurs when an inode has both INLINE_DATA and EXTENTS flags set, causing ext4_es_cache_extent() to BUG_ON due to unvalidated out-of-order extents while opening a verity file on a corrupted ext4 FS mounted without a journal. Invest...
CVE-2025-40167
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...
CVE-2025-40137 f2fs: fix to truncate first page in error path of f2fs_truncate()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
Linux Distros Unpatched Vulnerability : CVE-2025-40167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesyste...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990860)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990860 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2truncateinline maybe overflow Syzbot reported a kernel BUG in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the detection of an invalid combination of INLINEDATA and EXTENTS flags, which could lead to file system...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990814)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990814 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4updateinlinedata Syzbot found the following issue: EXT4-fs loop0: mount...
CVE-2025-63307
alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting XSS. The application permits user-controlled upload, create, and rename of files to HTML and SVG types and serves those files inline without adequate content-type validation or output sanitization...
PT-2025-45330
alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting XSS. The application permits user-controlled upload, create, and rename of files to HTML and SVG types and serves those files inline without adequate content-type validation or output sanitization...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990525)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990525 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in ext4writepages we got issue as follows: EXT4-fs error device loop0:...