Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: The issue of generating a order = MAXORDER warning due to a crafted negative isize has been fixed. As reported by syzbot 1, the root cause is that the isize field is a signed type, and a negative isize value is also less...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2501)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : x86/mce: Work around an erratum on fast string copy instructionsCVE-2022-49124 net: preserve skbendoffset in skbunclonekeeptruesizeCVE-2022-49142...

CVE-2022-50575

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than= MAXORDER, then kcalloc will fail, it creates a stack trace and messes up dmesg...

UBUNTU-CVE-2022-50575

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than= MAXORDER, then kcalloc will fail, it creates a stack trace and messes up dmesg...

EUVD-2022-55542

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-50313

In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...

CVE-2022-50313 erofs: fix order >= MAX_ORDER warning due to crafted negative i_size

In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...

CVE-2022-50313

Summary: CVE-2022-50313 affects the Linux kernel (EROF S subsystem). The root cause is that the i_size field is signed; crafted negative i_size can be interpreted as a fast symlink, triggering an order = MAX_ORDER warning. The fix changes the handling to fall back to the generic path for such unu...

kernel: ext4: avoid online resizing failures due to oversized flex bg

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbgsize, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARNO...