54 matches found
EulerOS Virtualization 2.13.0 : util-linux (EulerOS-SA-2026-2420)
According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check- Time-of-Use vulnerabilit...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a shift-out-of-bounds/overflow issue in nilfssb2badoffset. The patch series “nilfs2: Fix UBSAN shift-out-of-bounds warnings during mount time” addresses this issue. The first patch fixes a bug reported by syzbot,...
Linux Distros Unpatched Vulnerability : CVE-2026-43046
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use...
CVE-2026-43046
CVE-2026-43046 affects the Linux kernel, specifically btrfs relocation logic where a non-zero drop_progress with drop_level == 0 can be observed in a read-back root_item. The root_item invariant is now validated in the tree-checker when reading from disk: if drop_progress.objectid is non-zero, dr...
EUVD-2026-26645
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...
PT-2026-36463
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc2-next-20260310 Description An issue exists in the btrfs file system where the kernel fails to validate the root item invariant when reading it from disk. Specifically, if drop progress.objectid is...
SUSE CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
Linux Distros Unpatched Vulnerability : CVE-2026-31577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations...
CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
DEBIAN-CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
CVE-2026-31577
CVE-2026-31577 affects the Linux kernel nilfs2 filesystem. The vulnerability is a NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map during GC if NILFS_IOCTL_CLEAN_SEGMENTS is invoked immediately after mount, before any btree operation on the DAT inode. The root cause is i_assoc_inode...
CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
CVE-2026-31577 nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL iassocinode dereference in nilfsmdtsavetoshadowmap The DAT inode's btree node cache iassocinode is initialized lazily during btree operations. However, nilfsmdtsavetoshadowmap assumes iassocinode is already...
PT-2026-34929
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the nilfs2 component within the nilfs mdt save to shadow map function. The btree node cache i assoc inode of the DAT inode is initialized lazily duri...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010864 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfssb2badoffset Patch series nilfs2: fix UBSAN...
nfs-utils: rpc.mountd in the nfs-utils privilege escalation
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exporte...
nfs-utils: rpc.mountd in the nfs-utils privilege escalation
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exporte...
nfs-utils: rpc.mountd in the nfs-utils privilege escalation
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exporte...
nfs-utils: rpc.mountd in the nfs-utils privilege escalation
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exporte...