Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jffs2: checks that the raw node was preallocated before writing the summary. Syzkaller detected a kernel bug in jffs2linknoderef, caused by a fault injection in jffs2preallocrawnoderefs. jffs2sumwritesumnode does not check the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Fixed potential illegal address access in jffs2freeinode. During the stress testing of the jffs2 file system, the following abnormal outputs were found: 2430.649000 Unable to handle kernel paging request at virtual...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock, and some memory is added to the jffs2summary s, we can observe the following kmemleak report:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix for use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, it is assumed that the first few blocks of the image are normal and contain at least one xattr-related inode. However, the next block may be...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2domountfs. If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

PT-2026-46246

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2dofillsuper. If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

ROS-20260306-73-0022

A vulnerability in the jffs2preallocrawnoderefs function of the Linux kernel is related to a pointer dereference error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

USN-7986-1 linux vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ceph distributed file system; - JFFS2 file system; - Timer subsystem; - USB sound devices; CVE-2024-26689,...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38328)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38328 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38194)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38194 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were...

USN-7774-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

TencentOS Server 2: kernel (TSSA-2025:0436)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0436 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: kernel (TSSA-2025:0434)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0434 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990886 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990535 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990637 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2freeinode During the stress testing of the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990486 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2dofillsuper If jffs2iget or dmakeroot in jffs2dofillsuper returns ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990527)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990527 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock and some...