CVE-2026-47224

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

EUVD-2026-36507

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

CVE-2026-47224

Summary: CVE-2026-47224 affects NanaZip on Windows: a heap buffer-overflow read in the LVM2 physical-volume metadata parser (via the upstream 7-Zip LvmHandler) can be triggered by opening a crafted LVM disk image. Affected are NanaZip versions 3.0.1000.0 through 6.0.1697.999; the issue is fixed i...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: md: fixed a crash in mempoolfree There is a crash in mempoolfree when running the lvm test using shell/lvchange-rebuild-raid.sh. The reason for the crash is as follows: - superwritten calls atomicdecandtest&mddev-pendingwrites an...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the drivers/mtd/ubi/vtbl.c file in the Linux kernel, up to version 6.7.4, it is possible for the code to attempt to allocate zero bytes, resulting in a crash due to a missing check for ubi-lebsize...

NewStart CGSL MAIN 6.06 (SP) : lvm2 Vulnerability (NS-SA-2026-0010)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has lvm2 packages installed that are affected by a vulnerability: - The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990395)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990395 advisory. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5adddisks There's a KASAN warning in raid5adddisk when running...

f2fs: fix to drop all discards after creating snapshot on lvm device

...

EUVD-2010-2530

Malware in sbrugna...

EUVD-2012-0024

Malware in sbrugna...

DEBIAN-CVE-2022-50211

In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10removedisk when running the lvm test lvconvert-raid-reshape.sh. We fix this warning by verifying that the value "number" is valid. BUG: KASAN: slab-out-of-bounds in...

Vulnerability of the start_io_acct() function in the drivers/md/dm.c module – The driver for supporting multiple devices (such as RAID and LVM) in the Linux kernel allows a hacker to trigger a service failure.

Vulnerability of the startioacct function in the drivers/md/dm.c module – The driver for supporting multiple devices such as RAID and LVM in the Linux operating system is vulnerable due to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause service failures...

Linux Distros Unpatched Vulnerability : CVE-2010-2526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not...

DEBIAN-CVE-2022-49673

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5adddisks There's a KASAN warning in raid5adddisk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-lineartoraid6-single-type.sh. We fix the warning by...

SUSE CVE-2024-56565

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ------------ cut here ------------ WARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330 RIP:...

DEBIAN-CVE-2024-56565

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ------------ cut here ------------ WARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330 RIP:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the handling of discard operations after creating a snapshot on an LVM device in the f2fs module...

kernel: dm: call the resume method on internal suspend

A flaw was found in the Linux kernel’s device-mapper dm component. The issue arises during internal suspend operations where the resume method is not correctly called. This issue leads to problems such as list corruption, specifically observed when running the lvm2 test suite. The problem occurs...