Lucene search
K

35 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 5:32 p.m.11 views

CVE-2026-53040

A flaw was found in the Oracle Cluster File System Release 2 OCFS2 in the Linux kernel. A local attacker with the ability to craft a malicious OCFS2 filesystem could trigger a use-after-free vulnerability. This occurs when the OCFS2IOCINFO ioctl is issued with the OCFS2INFOFLNONCOHERENT flag,...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:8 a.m.4 views

CVE-2026-53043

A flaw was found in the Linux kernel's Oracle Cluster File System 2 OCFS2 Distributed Lock Manager DLM. A remote attacker could exploit this vulnerability by sending a specially crafted network message. Insufficient validation of the qrnumregions field in the dlmmatchregions function allows for...

9.1CVSS5.9AI score0.00521EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.4 views

CVE-2026-53041

A flaw was found in the Linux kernel's Oracle Cluster File System version 2 OCFS2. When an OCFS2 inode has both inline and and block-based extended attributes xattrs, the listxattr function can return a size larger than the caller's buffer. This incorrect size handling can lead to a kernel bug an...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.27 views

CVE-2026-53040 ocfs2: validate bg_bits during freefrag scan

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...

7.1CVSS0.00122EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Properly handles errors when reading symbolic links. It’s a patch from the “Convert ocfs2 to use folios” series. Mark converted ocfs2 to use folios and sent it to me as a major patch for review ;-. So I reworked it into...

5.5CVSS6.2AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:58 p.m.28 views

CVE-2026-46080

CVE-2026-46080 : In the Linux kernel, the ocfs2 code path is fixed to prevent credit-exhaustion during direct I/O (dio) by splitting transactions in dio completion and batching extent handling. The patch relocates removing inodes from the orphan list until the extent tree update completes, reduci...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: Fixed error handling for userdlmDestroyLock. When userdlmDestroyLock fails, it does not clean up the flags it set before exiting. For the USERLOCKINTEARDOWN condition, if this function fails because the lock is...

5.5CVSS6.3AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Added bounds checking to ocfs2checkdirentry. This adds sanity checks for ocfs2direntry to ensure that all members of ocfs2direntry do not go beyond the valid memory region...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/06 7:53 p.m.10 views

CVE-2026-43168

A flaw was found in the Linux kernel's Oracle Cluster File System version 2 ocfs2. This vulnerability arises from an issue in the reflink preserve cleanup process, where the system incorrectly handles extended attribute xattr entries. The cleanup logic fails to properly manage pointers and clean ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.6 views

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

5.5CVSS0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005518 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported...

5.5CVSS6.1AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-40951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40951 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in...

5.5CVSS6.9AI score0.00239EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 3 : net-snmp-5.3.2.2-20.0.1.AXS3 (AXSA:2013-32:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-32:01 advisory. SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SN...

3.5CVSS7.9AI score0.02167EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002699 advisory. In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations ...

4.7CVSS6.2AI score0.00285EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993184 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into...

7.8CVSS6.4AI score0.00175EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 2: kernel (TSSA-2025:0431)

"The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0431 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilitie...

9.8CVSS6.8AI score0.01261EPSS
Exploits2References44
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30849

Malicious code in bioql PyPI...

6.3AI score0.0011EPSS
Exploits0References9
OSV
OSV
added 2025/09/23 6:0 a.m.8 views

CVE-2025-39885 ocfs2: fix recursive semaphore deadlock in fiemap call

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FSIOCFIEMAP of the extent list on a specially crafted mmap file. contextswitch kernel/sched/core.c:5357 inline...

5.5CVSS6AI score0.0011EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.8 views

PT-2025-38549

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ocfs2 subsystem. Specifically, a null-pointer dereference can occur during the journal shutdown process due to a race condition where...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:15 p.m.6 views

ocfs2: Avoid touching renamed directory if parent does not change

...

5.5CVSS7AI score0.00161EPSS
Exploits0
Rows per page
Query Builder