109 matches found
CVE-2025-38709
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
UBUNTU-CVE-2025-38709
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
CVE-2025-38709
CVE-2025-38709 affects the Linux kernel loop device where changing the loop block size while a filesystem is mounted can cause a block-size mismatch between the loop device and the superblock, triggering warnings such as in __getblk_slow(). The issue is remedied by obtaining an exclusive hold on ...
CVE-2025-38709 loop: Avoid updating block size under exclusive owner
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
CVE-2025-38709 loop: Avoid updating block size under exclusive owner
In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch between the block device block size and the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a loop device not exclusively updating the block size...
SUSE CVE-2025-8067
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor...
USN-7723-1 udisks2 vulnerability
Michael Imfeld discovered that UDisks did not check the validity of input data correctly when handling files for loop devices. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
CVE-2025-8067
Summary: CVE-2025-8067 is an out-of-bounds read in the UDisks2 daemon via the D-Bus loop device handler, where a negative index is not validated. This can allow unprivileged users to crash the daemon or perform local privilege escalation by accessing files owned by privileged users. What’s affect...
CVE-2025-38620
The CVE-2025-38620 vulnerability affects the Linux kernel’s zloop (zoned loop) device. It arises from a use-after-free in blk_mq_free_tag_set() during zloop removal: zloop_ctl_remove() frees zlo memory (via zloop_free_disk()) and then accesses zlo->tag_set, which now points to freed memory. Th...
PT-2025-34382 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free issue within the zloop module. When a zoned loop device zloop device is removed, the blk mq free tag set function accesses memory that has...
Linux Distros Unpatched Vulnerability : CVE-2025-37741
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. 1 When calling ioctl$LOOPSETSTATUS64, the offset value passed in...
Linux Distros Unpatched Vulnerability : CVE-2025-38415
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squashfs: check return result of sbminblocksize Syzkaller reports an UBSAN: shift-out-of-bounds in squashfsbioread bug. Syzkaller forks multiple processes whic...
UBUNTU-CVE-2025-38415
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sbminblocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfsbioread" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl"/dev/loop0...
PT-2025-35982
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a loop device block size could be changed underneath a mounted filesystem. This discrepancy between the block device block size and the superbloc...
SUSE CVE-2022-49993
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
DEBIAN-CVE-2022-49993
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
CVE-2022-49993
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
UBUNTU-CVE-2022-49993
In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loopconfig is passed see loioctl's case on line 1550 of drivers/block/loop.c. This proceeds t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Prevent copying of nlink with a value of 0 from the disk inode. syzbot reported a deadlock in diFree. 1 When calling “ioctl$LOOPSETSTATUS64”, the offset value passed in is 4, which does not match the mounted loop device...