Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fix for a use-after-free of the timer for the log writer thread This patch series, titled “nilfs2: Fix for log writer-related issues”, addresses three issues related to the nilfs2 log writer. These include a...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential hang occurred in nilfsdetachlogwriter. Syzbot reported a potential hang during nilfsdetachlogwriter called when nilfs2 unmounts the file system. Analysis revealed that this issue arises because nilfssegctorsyn...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixing the use-after-free bug of nswriter when remounting the filesystem. If a nilfs2 filesystem is downgraded to read-only due to metadata corruption on the disk, and it is remounted with read/write access, or if an...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the function nilfsattachlogwriter in the file fs/nilfs2/segment.c of the BPF component. The manipulation leading to this issue results in a memory leak. The attack can be initiated remotely. It...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Nilfs2: Fixed a hang issue in nilfslookupdirtydatabuffers. Syzbot reported a hang issue in migratepagesbatch, called by mbind, and nilfslookupdirtydatabuffers, called in the log writer of nilfs2. While migratepagesbatch locks ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007472 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nswriter on remount If a nilfs2 filesystem is downgraded to...

CVE-2009-4417

The shutdown function in the ZendLogWriterMail class in Zend Framework ZF allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to "events not yet mailed."...

CVE-2023-53804

CVE-2023-53804 concerns a use-after-free in nilfs2 within the Linux kernel. During unmount, nilfs_root may be freed or become unheld after nilfs_detach_log_writer(), yet nilfs_evict_inode() still relies on nilfs_root for cleanup, risking a use-after-free read if inodes sit in the garbage_list and...

EUVD-2019-19089

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986387 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfsdetachlogwriter Syzbot has reported a potential hang in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-386953)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386953 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series nilfs2: fix log writer...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414384 advisory. A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlogwriter of the file...

EUVD-2025-24754

Malicious code in bioql PyPI...

EUVD-2025-12938

Malicious code in bioql PyPI...

Important: kernel

Issue Overview: A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlogwriter of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is...

SUSE CVE-2023-53311

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfsroot in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfsroot structure after nilfs2 detaches its writer in nilfsdetachlogwriter. Previously, nilfsevictinode could...

CVE-2023-53311 nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfsroot in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfsroot structure after nilfs2 detaches its writer in nilfsdetachlogwriter. Previously, nilfsevictinode could...

CVE-2025-49037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Federico Rota Authentication and xmlrpc log writer authentication-and-xmlrpc-log-writer allows Reflected XSS.This issue affects Authentication and xmlrpc log writer: from n/a through = 1.2.2...

Linux Distros Unpatched Vulnerability : CVE-2024-26696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the...

CVE-2025-49037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Federico Rota Authentication and xmlrpc log writer authentication-and-xmlrpc-log-writer allows Reflected XSS.This issue affects Authentication and xmlrpc log writer: from n/a through = 1.2.2...