Astra Linux - уязвимость в ntfs-3g

A properly crafted NTFS image can lead to a out-of-bounds read, caused by an invalid attribute in ntfsattrfindinattrdef, in NTFS-3G 2021.8.22...

Astra Linux - уязвимость в ntfs-3g

A properly crafted NTFS image can cause an integer overflow in the memmove function, resulting in a heap-based buffer overflow in the ntfsattrrecordresize function, as of NTFS-3G version 2021.8.22...

Astra Linux - уязвимость в ntfs-3g

A properly crafted NTFS image can lead to heap exhaustion in ntfsgetattributevalue in NTFS-3G from version 2021.8.22 onwards...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfsattrfind in fs/ntfs/attrib.c...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a overflow check for attribute size. The offset addition could cause an overflow, potentially passing the used size check when processing attributes with very large sizes e.g., 0xffffff7f. This could lead to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010743 advisory. In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Tenable has extracted the precedin...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991119)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991119 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series ntfs: fix bugs about Attribute, v2. This...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990796 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTRRECORDs Kernel iterates over ATTRRECORDs in mft record in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414326 advisory. In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfsattrfind in fs/ntfs/attrib.c. Tenable has extracted the preceding description block directly from th...

EUVD-2025-13024

Malicious code in bioql PyPI...

SUSE CVE-2023-53486

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance the attribute size check This combines the overflow and boundary check so that all attribute size will be properly examined while enumerating them. 169.181521 BUG: KASAN: slab-out-of-bounds in...

DEBIAN-CVE-2022-49763

In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...

CVE-2022-49763

Summary (CVE-2022-49763) In the Linux kernel NTFS code, the use-after-free issue in ntfs_attr_find() stems from missing bounds checks on the attrs_offset field after loading the first MFT record. The vulnerability was exposed by KASAN reports (use-after-free read) during NTFS attribute handling, ...

CVE-2022-49763

In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...

CVE-2022-49762 ntfs: check overflow when iterating ATTR_RECORDs

In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTRRECORDs Kernel iterates over ATTRRECORDs in mft record in ntfsattrfind. Because the ATTRRECORDs are next to each other, kernel can get the next ATTRRECORD from end address of current...

PT-2025-18480 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue has been identified in the Linux kernel, specifically in the ntfs attr find function. This issue can be triggered when the kernel loads the first MFT record and...

Astra Linux - уязвимость в linux-5.10

ntfsattrfind in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6032-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6032-1 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of- bounds write vulnerability. A local attacker coul...

USN-5982-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

OESA-2023-1178 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...