EUVD-2026-32428

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function ext4xattr inodedecrefall not releasing iloc.bh properly, resulting in a leak of the...

SUSE CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

PT-2026-2590

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The F2FS filesystem, when mounting filesystems with corrupted directory depth values, can experience issues with dentry cache invalidation during rename operations involving whiteouts...

PT-2026-2553

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the FUSE Filesystem in Userspace implementation. A deadlock situation can occur when readahead requests interact with inode eviction and recla...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993293)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993293 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept...

CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

DEBIAN-CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

ext4: guard against EA inode refcount underflow in xattr update

...

CVE-2025-40190 ext4: guard against EA inode refcount underflow in xattr update

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

EUVD-2020-4272

Malware in sbrugna...

EUVD-2022-54491

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-35935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: send: handle path ref underflow in header iterateinoderef Change BUGON to proper error handling if building the path buffer fails. The pointers are not...

Linux Distros Unpatched Vulnerability : CVE-2020-11935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that aufs improperly managed inode reference counts in the vfsubdentryopen method. A local attacker could use this vulnerability to cause a...

kernel: ext4: ignore xattrs past end

A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4xattrinodedecrefall function related to the ext4 filesystem's extended attributes. An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service...

kernel: ext4: ignore xattrs past end

A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4xattrinodedecrefall function related to the ext4 filesystem's extended attributes. An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service...

SUSE CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

DEBIAN-CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...