314 matches found
CVE-2025-68791
A reference count leak flaw was found in the Linux kernel's FUSE filesystem when using iouring for argument copies. The copyfinish function is not called in error paths, causing page reference counts to leak. This can lead to memory being pinned indefinitely and potential resource exhaustion...
SUSE CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
SUSE CVE-2025-68805
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
CVE-2025-68805
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
CVE-2025-68805
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
UBUNTU-CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-68805
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
UBUNTU-CVE-2025-68805
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
CVE-2025-68805 fuse: fix io-uring list corruption for terminated non-committed requests
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
CVE-2025-68805 fuse: fix io-uring list corruption for terminated non-committed requests
In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...
CVE-2025-68805
CVE-2025-68805 (fuse/io_uring) is addressed in OS/kernel security updates. Root cause: when an io-uring request is terminated before being committed, it remained in the queue, creating a dangling list entry that caused list corruption and use-after-free. Impact: potential corruption of the queue’...
CVE-2025-68791 fuse: missing copy_finish in fuse-over-io-uring argument copies
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-68791 fuse: missing copy_finish in fuse-over-io-uring argument copies
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-68791
CVE-2025-68791 affects the Linux kernel fuse subsystem: fuse-over-io-uring argument copies could leak payload page references due to a missing reference-count cleanup in copy_finish. The connected OSV entries (OESA-2026-1305 and OSV:OESA-2026-1304) document kernel security updates that include th...
CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zctx: Check chained notification contexts. Send zc only when there are links in ubufinfo for requests coming from the same context. There are some ambiguous reports from syz, so let’s examine the assumption regarding...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of copyfinish in the copy of fuse-over-io-uring parameter, which could lead to a reference count le...
Linux Distros Unpatched Vulnerability : CVE-2025-68805
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is...
MiracleLinux 9 : kernel-5.14.0-611.9.1.el9_7 (AXSA:2025-11506:95)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11506:95 advisory. kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix client side handling of tls alerts...