Linux Distros Unpatched Vulnerability : CVE-2025-71292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from...

EUVD-2004-0181

Malware in sbrugna...

EUVD-2002-1599

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-39743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, i...

UBUNTU-CVE-2025-38697

In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadat...

CVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in addmissingindices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfsreaddir...

CVE-2025-37741 jfs: Prevent copying of nlink with value 0 from disk inode

In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. 1 When calling "ioctl$LOOPSETSTATUS64", the offset value passed in is 4, which does not match the mounted loop device, causing the...

CVE-2025-37740 jfs: add sanity check for agwidth in dbMount

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

CVE-2025-37925

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

CVE-2025-37925

The CVE-2025-37925 entry concerns a Linux kernel vulnerability in the JFS filesystem. When finalizing an on-disk inode, clear_inode() could encounter an unknown type and trigger a kernel BUG; the root cause is an invalid handling path for on-disk inode types, where types 5–15 are reserved. The fi...

CVE-2024-56597

In the Linux kernel, the following vulnerability has been resolved: jfs: fix shift-out-of-bounds in dbSplit When dmtbudmin is less than zero, it causes errors in the later stages. Added a check to return an error beforehand in dbAllocCtl itself...

CVE-2024-56597 jfs: fix shift-out-of-bounds in dbSplit

In the Linux kernel, the following vulnerability has been resolved: jfs: fix shift-out-of-bounds in dbSplit When dmtbudmin is less than zero, it causes errors in the later stages. Added a check to return an error beforehand in dbAllocCtl itself...

CVE-2024-56598 jfs: array-index-out-of-bounds fix in dtReadFirst

In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...

CVE-2024-56598 jfs: array-index-out-of-bounds fix in dtReadFirst

In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...

CVE-2024-56598

Technical details about CVE-2024-56598 (Linux kernel jfs: array-index-out-of-bounds in dtReadFirst) are not provided in the connected documents. Please monitor for updates.

CVE-2024-56595

In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a displacement out-of-bounds issue in the dbSplit function in the jfs file system...

CVE-2024-47723

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...

USN-7028-2 linux-azure vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. Several security issues were discovered in the Linux kernel. An attacker could possibly use...

USN-7005-1 linux-nvidia, linux-nvidia-lowlatency vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...