109 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not log conflicting inodes if it’s a directory that was moved during the current transaction. We cannot log an conflicting inode if it’s a directory that was moved from one parent directory to another parent directory...
Astra Linux – Vulnerability in Linux 5.15
A use-after-free flaw was discovered in the Linux kernel, specifically in the logreplay function within fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and causes a kernel information leak...
CVE-2026-46160 btrfs: fix missing last_unlink_trans update when removing a directory
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing lastunlinktrans update when removing a directory When removing a directory we are not updating its lastunlinktrans field, which can result in incorrect fsync behaviour in case some one fsyncs the directory afte...
CVE-2026-46160
CVE-2026-46160 concerns the Linux kernel’s Btrfs filesystem: when removing a directory, last_unlink_trans is not updated, which can lead to incorrect fsync behavior if a directory with an open file descriptor is fsynced after removal. This can cause log replay during mount to fail with -EIO, pote...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a NULL pointer dereference issue in doabortlogreplay. Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath becomes NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed invalid inode pointer dereferences during log replay. In a few places where we call readoneinode, if we receive a NULL pointer, we end up entering an error path. This issue also occurs in cases where add inoderef is...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel up to version 6.2.7, fs/ntfs3/inode.c contains an invalid kfree function because it does not validate the MFT flags before replaying logs...
SUSE CVE-2026-43118
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
CVE-2026-43118
A flaw was found in the Linux kernel's Btrfs filesystem. When a file is truncated to zero size and then a hardlink is created, a power failure followed by log replay can cause the file to incorrectly retain its original size instead of being zero. This data integrity issue may lead to unexpected...
EUVD-2026-27645
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
CVE-2026-43118
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
CVE-2026-43118 btrfs: fix zero size inode with non-zero size after log replay
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
CVE-2026-43118
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
CVE-2026-43118
This CVE-2026-43118 concerns a Btrfs log replay data integrity issue in the Linux kernel where truncating a file to zero and then creating a hardlink, followed by a power failure and log replay, could leave the original size unchanged. Root cause: during inode logging, a 0 generation is written f...
CVE-2026-43118
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...
PT-2026-37428
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Btrfs file system where an inode may retain a non-zero size after log replay, even if it was truncated to zero. This occurs because when logging that an inode exis...
Linux Distros Unpatched Vulnerability : CVE-2026-43118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to validate the rec-used field during the ntfs3 log replay file checking process. Thi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013468)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013468 advisory. In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. Tenable has extracted the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013427)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013427 advisory. A use-after-free flaw was found in the Linux kernel in logreplay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and...