238 matches found
CVE-2026-36178
The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...
PT-2026-46246
The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Fixed potential illegal address access in jffs2freeinode. During the stress testing of the jffs2 file system, the following abnormal outputs were found: 2430.649000 Unable to handle kernel paging request at virtual...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock, and some memory is added to the jffs2summary s, we can observe the following kmemleak report:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw nodes were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in jffs2preallocrawnoderefs. jffs2sumwritesumnode doesn't check return value of...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: jffs2: fixed a use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, it is assumed that the first few blocks of the image are normal and contain at least one xattr-related inode. However, the next block is...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Prevent the xattr node from overflowing the eraseblock. A check has been added to ensure that the requested xattr node size is not larger than the eraseblock minus the cleanmarker. Unlike usual inode nodes, xattr nodes...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompression memory corruption The rtime decompression routine does not fully check bounds during the entire decompression process. As a result, it may corrupt memory outside the decompression buffer if the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2dofillsuper. If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- Unreferenced object...
ROS-20260306-73-0022
A vulnerability in the jffs2preallocrawnoderefs function of the Linux kernel is related to a pointer dereference error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
USN-7986-1 linux vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ceph distributed file system; - JFFS2 file system; - Timer subsystem; - USB sound devices; CVE-2024-26689,...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38328)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38328 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38194)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38194 advisory. - In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were...
USN-7774-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
TencentOS Server 3: kernel (TSSA-2025:0434)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0434 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 2: kernel (TSSA-2025:0436)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0436 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990886)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990886 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990535 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990637 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2freeinode During the stress testing of the...