25 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel up to version 6.2.7, fs/ntfs3/inode.c contains an invalid kfree function because it does not validate the MFT flags before replaying logs...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel before version 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. A unhandled page fault may occur...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013429)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013429 advisory. In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Tenable has extracted the precedin...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013468)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013468 advisory. In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. Tenable has extracted the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010744)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010744 advisory. In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. Tenable has extracted the...
ROS-20260113-7367
A vulnerability in the fs/ntfs3/inode.c component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
UBUNTU-CVE-2022-50739
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2025-39734
In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inodetrylock with inodelock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, conditional lock acquisition was removed to fix an xfstest bug that was observed during internal...
CVE-2025-39734
CVE-2025-39734 affects the Linux kernel component fs/ntfs3 in the NTFS file-system path. The issue stems from a revert of the inode_trylock versus inode_lock handling (commit 69505fe98f198ee813898cbcaf6770949636430b). The description notes that previously conditional lock acquisition was removed ...
Linux Distros Unpatched Vulnerability : CVE-2022-48425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Note that...
Linux Distros Unpatched Vulnerability : CVE-2022-48424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. CVE-2022-48424 Note that Ness...
OESA-2025-1446 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make...
Important: kernel-livepatch-6.1.29-47.49
Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Affected Packages: kernel-livepatch-6.1.29-47.49 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel
Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap CVE-2022-50240...
OESA-2023-1209 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-23004 A use-after-free flaw w...
The vulnerability of the ntfs_read_mft() function in the fs/ntfs3/inode.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ntfsreadmft function in the fs/ntfs3/inode.c file of the Linux kernel is related to the lack of checks for valid attribute sizes. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
In the Linux kernel through 6.2.7 fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
...
SUSE CVE-2022-48424
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...
DEBIAN-CVE-2022-48424
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...
AZL-25693 CVE-2022-48424 affecting package kernel for versions less than 5.15.102.1-3
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...