Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: Truncating of good inode pages occurs when the hard link is 0. The value of the fileset for the inode copy from the disk by the reproducer is AGGRRESERVEDI. When evicting, its hard link number is 0, so its inode pages are no...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as follows: ------------ cut here --- UBSAN: Array index out of bounds in fs/f2fs/node.h:381:10 Index 18446744073709550692 is out ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003364 advisory. A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation removal. The new file created wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003019)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003019 advisory. A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation removal. The new file created wi...

SUSE CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

DEBIAN-CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

UBUNTU-CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

CVE-2023-53846

CVE-2023-53846: In the Linux kernel f2fs, a direct node truncation path could traverse node addr mappings out of bounds, causing slab-use-after-free. The fix adds a sanity check on the dnode page during truncate_dnode() to prevent out-of-bound access and to record an ERROR_INVALID_NODE_REFERENCE ...

Linux Distros Unpatched Vulnerability : CVE-2025-40137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wro...

Linux Distros Unpatched Vulnerability : CVE-2022-50435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the...

EUVD-2025-13073

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, i...

SUSE CVE-2025-39743

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

CVE-2025-39743

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

CVE-2025-39743 jfs: truncate good inode pages when hard link is 0

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

CVE-2025-39743

CVE-2025-39743 refers to a Linux kernel vulnerability in the JFS file system where inode pages were not truncated during eviction when the inode’s hard link count was 0. The reproducer observed AGGR_RESERVED_I on the inode copy and eviction with hard link 0, causing clear_inode() to trigger becau...

Linux Distros Unpatched Vulnerability : CVE-2025-37739

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN:...

PT-2025-37202

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel where inode pages are not truncated when the hard link number is zero, specifically within the jfs filesystem. This occurs when the fileset value of t...