119 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: fixed xattr-related buffer overflow issues… Willy Tarreau forwarded me a message from Disclosure , containing the following warning: The helper function xattrkey uses the pointer variable in the loop condition, rather...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate the file size. len is used to store the result of isizeread. Therefore, making len a sizet type results in truncation to 4GiB on 32-bit systems...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: orangefs: fixed an out-of-bounds read in orangefsdebugwrite. I received a report from syzbot regarding an out-of-bounds read in orangefsdebugwrite… Several people suggested solutions. I tested Al Viro’s suggestion and created thi...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue in kmemleak in orangefspreparedebugfshelpstring has been fixed. When inserting or removing the orangefs module, the debughelpstring variable may be leaked: - Unreferenced object: 0xffff8881652ba000 size 4096 -...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013595 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011401)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011401 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosu...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011092)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011092 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013003)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013003 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosu...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005783 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate file size 'len' is used to store the result of isizeread, so making 'le...
ROS-20260205-73-0025
A vulnerability in the fs/orangefs/inode.c component of the Linux kernel is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38065)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38065 advisory. - In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate file size 'len...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21782)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21782 advisory. - In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefsdebugwrit...
ROS-20260119-7362
A vulnerability in the orangefsdebugwrite function of the fs/orangefs/orangefs-debugfs.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, as...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993239)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993239 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992226)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992226 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs...
Linux Distros Unpatched Vulnerability : CVE-2022-50779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object...
SUSE CVE-2022-50779
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...
EUVD-2022-55782
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...
CVE-2022-50779
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...