Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: orangefs: fixed an out-of-bounds read in orangefsdebugwrite. I received a report from syzbot regarding an out-of-bounds read in orangefsdebugwrite… Several people suggested solutions. I tested Al Viro’s suggestion and created thi...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate the file size. len is used to store the result of isizeread. Therefore, making len a sizet type results in truncation to 4GiB on 32-bit systems...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: orangefs: fixed xattr-related buffer overflow issues… Willy Tarreau sent me a message from Disclosure with the following warning: The helper function xattrkey uses the pointer variable in the loop condition, rather than...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue in kmemleak in orangefspreparedebugfshelpstring has been fixed. When inserting or removing the orangefs module, the debughelpstring variable may be leaked: - Unreferenced object: 0xffff8881652ba000 size 4096 -...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs module, there are memory leaked as below: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", pid 783, jiffies 4294813439 a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013595)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013595 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013003)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013003 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosu...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011401 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosu...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011092 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005783 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate file size 'len' is used to store the result of isizeread, so making 'le...

ROS-20260205-73-0025

A vulnerability in the fs/orangefs/inode.c component of the Linux kernel is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38065)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38065 advisory. - In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate file size 'len...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21782)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21782 advisory. - In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefsdebugwrit...

ROS-20260119-7362

A vulnerability in the orangefsdebugwrite function of the fs/orangefs/orangefs-debugfs.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, as...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993239 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992226)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992226 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs...

Linux Distros Unpatched Vulnerability : CVE-2022-50779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object...

SUSE CVE-2022-50779

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...

EUVD-2022-55782

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...

CVE-2022-50779

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...