17 matches found
md/raid5: validate payload size before accessing journal metadata
...
SUSE CVE-2026-46070
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
CVE-2026-46070
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
UBUNTU-CVE-2026-46070
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
CVE-2026-46070
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
EUVD-2026-32452
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
CVE-2026-46070 md/raid5: validate payload size before accessing journal metadata
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
CVE-2026-46070
CVE-2026-46070 pertains to the Linux kernel md/raid5 path where journal metadata blocks could be overrun due to missing validation of on-disk payload sizes. r5c_recovery_analyze_meta_block() and r5l_recovery_verify_data_checksum_for_mb() may read or offset beyond a page boundary when payload size...
CVE-2026-46070
In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...
CVE-2026-46070
md/raid5: validate payload size before accessing journal metadata...
PT-2026-43937
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the md/raid5 component where the functions r5c recovery analyze meta block and r5l recovery verify data...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jbd2: The assertion “jh-bfrozendata == NULL” failed when the journal was aborted. The following process will fail the assertion “jh-bfrozendata == NULL” in jbd2journaldirtymetadata: jbd2journalcommitTransaction; unlinkdir/a; jh-b...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38337)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38337 advisory. - In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref i...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002586 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2journaldirtymetadata, a denial of service, and a system...
SUSE CVE-2025-38337
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2journaldirtymetadata Since handle-htransaction may be a NULL pointer, so we should change it to call ishandleabortedhandle first before dereferencing it. And the following data-race w...
SUSE CVE-2018-10883
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2journaldirtymetadata, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image...
UBUNTU-CVE-2018-10883
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2journaldirtymetadata, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image...