22 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent...
Linux Distros Unpatched Vulnerability : CVE-2026-43066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode locatio...
Linux Distros Unpatched Vulnerability : CVE-2026-31449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is...
CVE-2022-50782
CVE-2022-50782 is tied to an ext4 quota bug where a bad quota inode can bypass ext4 inode checks and trigger a BUG_ON in __es_tree_search. The issue chain involves ext4_fill_super -> ext4_enable_quotas -> ext4_iget -> ext4_ext_check_inode and can be exploited when s_usr_quota_inum equals...
Linux Distros Unpatched Vulnerability : CVE-2023-54153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch ext4: don't BUG on inconsistent journal feature that when...
Linux Distros Unpatched Vulnerability : CVE-2025-40361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: ext4: change GFPKERNEL to GFPNOFS to avoid deadlock The parent function ext4xattrinodelookupcreate already uses GFPNOFS for memory alloction, so the functio...
Linux Distros Unpatched Vulnerability : CVE-2025-68264
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when...
Linux Distros Unpatched Vulnerability : CVE-2025-40198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NU...
Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26772)
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...
Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2024-49881)
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...
Linux Distros Unpatched Vulnerability : CVE-2022-50512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix potential memory leak in ext4fcrecordregions As krealloc may return NULL, in this case 'state-fcregions' may not be freed by krealloc, but...
EUVD-2022-54879
Malicious code in bioql PyPI...
CVE-2022-50436
CVE-2022-50436 : Linux kernel ext4 had a deadlock risk when ext4_unlink() extended the jbd2 transaction scope, because ext4_find_entry() could require setting up the directory encryption key inside a transaction. The fix restores the transaction to its original scope, preventing the deadlock. The...
Linux Distros Unpatched Vulnerability : CVE-2023-53285
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the inode body would have been checked when the inode is first opene...
CVE-2022-50344 ext4: fix null-ptr-deref in ext4_write_info
In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4writeinfo I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range 0x0000000000000068-0x000000000000006f CPU: 1 PI...
Linux Distros Unpatched Vulnerability : CVE-2022-50286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix delayed allocation bug in ext4clumapped for bigalloc + inline When converting files with inline data to extents, delayed allocations made on a file...
Linux Distros Unpatched Vulnerability : CVE-2018-10877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4extdroprefs function when operating on a crafted ext4 filesystem image...
Linux Distros Unpatched Vulnerability : CVE-2022-49880
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix warning in 'ext4dareleasespace' Syzkaller report issue as follows: EXT4-fs loop0: Free/Dirty block details EXT4-fs loop0: freeblocks=0 EXT4-fs loop0:...
Linux Distros Unpatched Vulnerability : CVE-2023-53101
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4IOCSWAPBOOT inode will initialize it,...
CVE-2018-10876
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and operating a crafted ext4 image...