20 matches found
kernel: ext4: fix use-after-free in ext4_orphan_cleanup
A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...
kernel: ext4: fix use-after-free in ext4_orphan_cleanup
A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004221)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004221 advisory. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003894)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003894 advisory. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002379)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002379 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000456)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000456 advisory. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in...
kernel: ext4: only dirty folios when data journaling regular files
In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace:...
EUVD-2013-2004
Malware in sbrugna...
kernel: ext4: only dirty folios when data journaling regular files
In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace:...
UBUNTU-CVE-2025-38220
In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace:...
PT-2025-27995
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, which can cause a kernel NULL pointer dereference when processing a symlink inode from the orphan list. This issue arises due t...
kernel: ext4: fix use-after-free in ext4_orphan_cleanup
A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...
SUSE CVE-2013-2015
The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service system hang via a crafted filesystem on removable media, as demonstrate...
SUSE CVE-2019-19447
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in fs/ext4/super.c, related to dumporphanlist in fs/ext4/super.c...
DEBIAN-CVE-2019-19447
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4putsuper in fs/ext4/super.c, related to dumporphanlist in fs/ext4/super.c...
Unbreakable Enterprise kernel security update
2.6.39-400.278.3 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267976 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf: validate new MTU before applying it Marcelo Leitner Orabug: 23263251 CVE-2015-8215 - ext4: avoid hang when mounting non-journal...
kernel: Mounting ext2 fs e2fsprogs/tests/f_orphan as ext4 crashes system
A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system...
MGASA-2013-0343 Updated kernel-linus package fixes security vulnerabilites.
This kernel-linus update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attacker...
DEBIAN-CVE-2013-2015
The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service system hang via a crafted filesystem on removable media, as demonstrate...
UBUNTU-CVE-2013-2015
The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service system hang via a crafted filesystem on removable media, as demonstrate...