CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption caused by fallocate. When fallocate creates holes in the inode size, if the original size is located in the middle of the last cluster, then the portion of the block from the original size to the end ...

5.5CVSS6.1AI score0.00226EPSS

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In blkdeviomapbegin, the EOF check has been refined. - In blkdeviomapbegin, the offset is rounded down to the logical block size before being stored in iomap-offset. It is also checked that the size remains within the inode...

5.5CVSS5.7AI score0.00207EPSS

Cvelist•added 2026/05/27 12:58 p.m.•35 views

CVE-2026-46080 ocfs2: split transactions in dio completion to avoid credit exhaustion

In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2dioendiowrite ocfs2markextentwritten ocfs2changeextentflag ocfs2splitexte...

0.00177EPSS

Exploits0References8

EUVD•added 2026/05/27 12:58 p.m.•10 views

EUVD-2026-32463

5.7AI score0.00177EPSS

Exploits0References5

ATTACKERKB•added 2026/05/27 12:58 p.m.•8 views

CVE-2026-46080

5.7AI score0.00177EPSS

Exploits0References9Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•17 views

PT-2026-43947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ocfs2 module where direct I/O DIO operations can lead to credit exhaustion in JBD2 Journaling Block Device, resulting in system warnings. This occurs during the...

9.8CVSS6.1AI score0.03663EPSS

Exploits14References284

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after conversion from inline format. The commit 6dbf7bb55598 “fs: Do not invalidate page buffers in blockwritefullpage” uncovered a latent bug in the conversion from inline inode format to a normal...

5.5CVSS6.2AI score0.0021EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the issue where idisksize can exceed isize in partially written cases. It is possible for idisksize to exceed isize, triggering a warning. The code includes the following steps: - genericperformwrite: Copied =...

5.5CVSS6.2AI score0.00145EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free vulnerability was discovered in the Linux kernel’s ext4 file system, particularly regarding the handling of the additional inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...

6.7CVSS6.6AI score0.00245EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в u-boot

An integer overflow occurs in the ext4fsreadsymlink function in Das U-Boot before version 2025.01-rc1. This issue arises due to the use of the zalloc function, which adds one to a le32 variable. This occurs through a crafted ext4 file system with an inode size of 0xffffffff. As a result, the mall...

7.1CVSS7.2AI score0.00365EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021631 advisory. In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root...

5.5CVSS5.8AI score0.00146EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021596 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does t...

5.5CVSS5.8AI score0.00232EPSS

SUSE CVE•added 2026/05/07 2:19 a.m.•8 views

SUSE CVE-2026-43076

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...

7.8CVSS5.9AI score0.00131EPSS

SUSE CVE•added 2026/05/07 2:18 a.m.•8 views

SUSE CVE-2026-43118

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...

5.5CVSS5.8AI score0.00112EPSS

EUVD•added 2026/05/06 12:30 p.m.•4 views

EUVD-2026-27645

5.8AI score0.00112EPSS

NVD•added 2026/05/06 10:16 a.m.•8 views

CVE-2026-43118

5.5CVSS0.00112EPSS

CVE•added 2026/05/06 7:40 a.m.•14 views

CVE-2026-43118

This CVE-2026-43118 concerns a Btrfs log replay data integrity issue in the Linux kernel where truncating a file to zero and then creating a hardlink, followed by a power failure and log replay, could leave the original size unchanged. Root cause: during inode logging, a 0 generation is written f...

5.5CVSS5.8AI score0.00112EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/06 7:40 a.m.•25 views

CVE-2026-43118 btrfs: fix zero size inode with non-zero size after log replay

0.00112EPSS