97 matches found
CVE-2026-46080
The CVE-2026-46080 entry documents a Linux kernel OCFS2 issue where JBD2 credit exhaustion during direct I/O writes could trigger warnings. The fix addresses this by: (1) splitting and batching extent operations in ocfs2_dio_end_io_write to prevent exceeding journal credits, (2) relocating ocfs2_...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper transaction splitting during direct I/O completion in ocfs2, potentially leading to...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for defragmentation path triggering jbd2 assertion. Code paths: - ocfs2ioctlmoveextents - ocfs2moveextents - ocfs2defragextent - ocfs2moveextent - + ocfs2journalaccessdi - + ocfs2splitextent // Sub-path calls...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: fixed error handling of userdlmdestroylock When userdlmdestroylock failed, it did not clean up the flags it set before exiting. For USERLOCKINTEARDOWN, if this function fails because the lock is still in use, the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Mounting fails due to a buffer overflow in strlen. Starting with kernel 5.11, when building with CONFIGFORTIFYSOURCE, mounting an ocfs2 filesystem using either o2cb or pcmk cluster stack fails. The issue seems to be that...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Added bounds checking to ocfs2checkdirentry. This adds sanity checks for ocfs2direntry to ensure that all members of ocfs2direntry do not go beyond the valid memory region...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Clearing the extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed a fget leak when the file system does not support nowait-buffered read operations. Heming reported a bug when using iouring for link-cp operations on ocfs2. 1 The following steps can reproduce this bug: 1. Mount th...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Reserving space for inline xattr before attaching the reflink tree One of our customers reported a crash and a corrupted ocfs2 filesystem. The crash was due to the detection of corruption. Upon troubleshooting, the fsck -f...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Properly handles errors when reading symbolic links. The patch series “Convert ocfs2 to use folios”. Mark converted ocfs2 to use folios and sent it to me as a major patch for review ;- So I reworked it into individual...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: The ltreedepth field was validated to prevent out-of-bounds access. The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. A check was added to prevent out-of-bounds access if th...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021655)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021655 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
CVE-2026-43168
A flaw was found in the Linux kernel's Oracle Cluster File System version 2 ocfs2. This vulnerability arises from an issue in the reflink preserve cleanup process, where the system incorrectly handles extended attribute xattr entries. The cleanup logic fails to properly manage pointers and clean ...
CVE-2026-43168
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...
PT-2026-37385
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the ocfs2 write end inline function. The issue occurs because ocfs2 try to write inline data relies on the on-disk id count field to determine if a write...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an array entry processing error in the reflink cleanup mechanism of ocfs2, potentially leading to...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for data corruption after a failed write. When buffering a write fails and data cannot be copied into the underlying page cache, ocfs2writeendnolock simply zeroes out and dirtyens the page. This can result in a dirty...
ocfs2: fix possible deadlock between unlink and dio_end_io_write
...
CVE-2026-31596
A flaw was found in the OCFS2 Oracle Cluster File System, version 2 component of the Linux kernel. A local attacker with control over a specially crafted filesystem could exploit a vulnerability in the ocfs2groupextend function. This flaw arises from an insufficient validation of a global bitmap...