138 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a deadlock in nilfscountfreeblocks A semaphore deadlock can occur if nilfsgetblock detects metadata corruption while locating data blocks, and a superblock writeback occurs at the same time: task 1 task 2 ------...
SUSE CVE-2026-43053
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch-end is 0, then setting npfns0 before computing the new value of pfns will fail to adjust the pfn, resulting in various page accounting corruptions. This operati...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A infinite loop has been fixed in nilfsmdtgetblock. If the disk image that nilfs2 mounts is corrupted, and the virtual block address obtained through block lookup for a metadata file is invalid, nilfsbmaplookupatlevel may...
Linux Distros Unpatched Vulnerability : CVE-2026-43053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child...
CVE-2026-43053
A flaw was found in the Linux kernel's XFS filesystem. During the inactivation of inodes with extended attributes, a specific timing window exists where a log shutdown can occur after some data blocks are invalidated but before the attribute map is fully truncated. This can lead to inconsistencie...
CVE-2026-43053
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
CVE-2026-43053 xfs: close crash window in attr dabtree inactivation
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
EUVD-2026-26652
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
CVE-2026-43053
CVE-2026-43053 affects the Linux kernel XFS filesystem. The flaw arises during inode inactivation with node-format extended attributes: xfs_attr3_node_inactive() invalidates child blocks but does not remove their references from the parent, creating a window where the parent can point to cancelle...
CVE-2026-43053
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
PT-2026-36470
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system during the inactivation of an inode with node-format extended attributes. The function xfs attr3 node inactive invalidates child leaf or node block...
SUSE CVE-2026-31448
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...
CVE-2026-31448
A flaw was found in the Linux kernel's ext4 filesystem. When creating a directory or node, if an extent insertion fails, the system may not properly clear residual data. This can lead to a situation where both directory and extended attribute xattr blocks simultaneously use the same memory buffer...
Linux Distros Unpatched Vulnerability : CVE-2026-31448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013204)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013204 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd-root when commit failed Recently we found a softlock up probl...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013051)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013051 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfsmdtgetblock If the disk image that nilfs2 mounts is corrupted a...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010859)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010859 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfsmdtgetblock If the disk image that nilfs2 mounts is corrupted a...
CVE-2026-5902
Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. Chromium security severity: Low...
PT-2026-30329
Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.16.1 Description Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...