CVE-2026-41013

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...

CVE-2023-54194

In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmallocarray/kvfree instead of kmallocarray/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmallocarray due to system memory fragmentation, while t...

EUVD-2022-55791

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2mountvolume There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 size 32: comm "mount.ocfs2", pid 23753, jiffies 4302528942 age 34735.105s hex dump first 32 bytes: 10 ...

CVE-2022-50739

The connected docs confirm CVE-2022-50739 affects the Linux kernel's ntfs3 filesystem. Root cause: missing validation of inode's i_op pointer after reading the Root directory MFT, which can cause a NULL pointer dereference when mounting an image with a malformed Root directory MFT record. The fix...

CVE-2022-50739 fs/ntfs3: Add null pointer check for inode operations

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...

Linux Distros Unpatched Vulnerability : CVE-2025-38728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in...

CVE-2025-21963 cifs: Fix integer overflow while processing acdirmax mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

SUSE CVE-2022-49381

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2dofillsuper If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

CVE-2022-49408 ext4: fix memory leak in parse_apply_sb_mount_options()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parseapplysbmountoptions If processing the on-disk mount options fails after any memory was allocated in the ext4fscontext, e.g. sqfnames, then this memory is leaked. Fix this by calling ext4fcfree instea...

ALPINE-CVE-2022-30783

An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

UBUNTU-CVE-2022-30783

An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

Tuxera NTFS-3G 代码注入漏洞

Tuxera NTFS-3G is an open-source, cross-platform set of drivers from Tuxera Finland for supporting read and write NTFS partitions.A code injection vulnerability exists in Tuxera NTFS-3G, which stems from the presence of an invalid return code in fusekernmount. No detailed vulnerability details ar...

DEBIAN-CVE-2019-19927

In the Linux kernel 5.0.0-rc7 as distributed in ubuntu/linux.git on kernel.ubuntu.com, mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttmputpages in drivers/gpu/drm/ttm/ttmpagealloc.c. This is related to the vmwgfx or ttm modu...