Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: The issue in parseapplysbmountoptions where string copying was corrected. strncpypad cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 "string.h:...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow during the processing of the acregmax mount option. The user-provided mount parameter acregmax, of type u32, is intended to have an upper limit. However, before it is validated, the value is...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow issue while processing the acdirmax mount option. The user-provided mount parameter acdirmax, of type u32, is intended to have an upper limit. However, before this limit is validated, the value is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not allow journal inode to have the encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem...

EUVD-2026-33727

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a use-after-free of nilfsroot during the dirtying of inodes via iput. During the unmount process of nilfs2, nothing holds the nilfsroot structure after nilfsdetachlogwriter detaches its writer. Previously, nilfsevic...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: LSM: General protection fault in legacyparseparam The usual LSM hook mechanism of “bailing on failure” doesn’t work in cases where a security module may return an error code indicating that it doesn’t recognize an input. In this...

CLSA-2026-1778015406 cifs-utils: Fix of CVE-2022-29869

CVE-2022-29869: avoid leaking sensitive credential file content via verbose stderr in mount.cifs option parsing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: The return value of f2fsrecoverfsyncdata has been fixed. With the following scripts, a panic will occur in f2fs: bash mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsy...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an issue where the extent map was used after free, especially when handling a missing device in the readonechunk function. The error code must be stored before freeing the extentmap. Although it’s a reference-counted...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011087 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode ha...

GHSA-MPH4-Q2VM-W2PW Amazon EFS CSI Driver has mount option injection via unsanitized volumeHandle and mounttargetip fields

Summary The Amazon EFS CSI Driver is a Container Storage Interface driver that allows Kubernetes clusters to use Amazon Elastic File System. An issue exists where, under certain circumstances, unsanitized values in the volumeHandle and mounttargetip fields are passed directly to the mount command...

Amazon EFS CSI Driver has mount option injection via unsanitized volumeHandle and mounttargetip fields

Summary The Amazon EFS CSI Driver is a Container Storage Interface driver that allows Kubernetes clusters to use Amazon Elastic File System. An issue exists where, under certain circumstances, unsanitized values in the volumeHandle and mounttargetip fields are passed directly to the mount command...

CVE-2026-6437 AWS EFS CSI Driver Mount Option Injection

Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...

CVE-2026-6437

CVE-2026-6437 concerns the AWS EFS CSI Driver (aws-efs-csi-driver) prior to v3.0.1. The flaw is improper neutralization of argument delimiters in the volume handling component, which allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via...

CVE-2026-6437 AWS EFS CSI Driver Mount Option Injection

Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...

PT-2026-33485

Name of the Vulnerable Software and Affected Versions AWS EFS CSI Driver versions prior to v3.0.1 Description Improper neutralization of argument delimiters in the volume handling component allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount...

SUSE CVE-2026-31392

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 mounts were failing against a single server as the client was trying to mount the shares with wrong credentials. It turned out the client...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004427 advisory. An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack- based out-of-bounds write because an empty nodelist is...

CVE-2025-71123 ext4: fix string copying in parse_apply_sb_mount_options()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...