CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013429)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013429 advisory. In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Tenable has extracted the precedin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010743 advisory. In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Tenable has extracted the precedin...

EUVD-2022-51120

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-48424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. CVE-2022-48424 Note that Ness...

OESA-2025-1097 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This pat...

OESA-2025-1093 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This pat...

SUSE CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

AZL-57714 CVE-2024-26954 affecting package kernel for versions less than 6.6.96.2-2

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

UBUNTU-CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

AZL-31893 CVE-2023-1194 affecting package kernel for versions less than 5.15.143.1-1

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

UBUNTU-CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

In the Linux kernel before 6.1.3 fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.

...

SUSE CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

DEBIAN-CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

AZL-25693 CVE-2022-48424 affecting package kernel for versions less than 5.15.102.1-3

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

UBUNTU-CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.1.3, which stems from fs/ntfs3/inode.c not checking attribute name offsets, resulting in a possible...