26 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses one use-after-free issue reported by syzbot. This issue arises due to the internal inode of nilfs...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...
CVE-2026-31673 af_unix: read UNIX_DIAG_VFS data under unix_state_lock
In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...
CVE-2026-31673
In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...
CVE-2026-31673
The connected sources describe a Linux kernel vulnerability CVE-2026-31673 in the af_unix/UNIX_DIAG_VFS path. A race condition can occur when reading inode and device numbers for UNIX_DIAG_VFS without holding unix_state_lock consistently while u->path may be cleared by unix_release_sock(). The...
PT-2026-35133
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the af unix module where exact UNIX diag lookups hold a reference to the socket but not to u-path. The unix release sock function clears u-path under the unix state lo...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992818)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992818 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990420)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990420 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986604 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting an...
PT-2025-29069
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 Description: A flaw exists in the f2fs file system within the Linux kernel related to insufficient sanity checks on inode numbers ino and extended attribute inode numbers...
kernel: lib/generic-radix-tree.c: Don't overflow in peek()
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...
kernel: lib/generic-radix-tree.c: Don't overflow in peek()
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...
kernel: lib/generic-radix-tree.c: Don't overflow in peek()
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...
kernel: lib/generic-radix-tree.c: Don't overflow in peek()
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the rad...
SUSE CVE-2024-42104
In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...
CVE-2024-42104
In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...
DEBIAN-CVE-2024-42104
In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...
UBUNTU-CVE-2024-42104
In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...
CVE-2024-42104 nilfs2: add missing check for inode numbers on directory entries
In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...
CVE-2024-42104
CVE-2024-42104 affects the Linux kernel’s nilfs2 filesystem. A missing check for inode numbers on directory entries allows internal inodes (metadata files) to be exposed in the namespace, potentially causing a use-after-free of metadata file inodes and kernel bugs in lru_add_fn() when mounting/un...