Linux Distros Unpatched Vulnerability : CVE-2024-27069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARNON in ovlverifyarea syzbot hit an assertion in copy up data loop which looks...

CVE-2025-37863 ovl: don't allow datadir only

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVE-2022-49743

In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...

Linux Distros Unpatched Vulnerability : CVE-2025-21654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON...

Linux Distros Unpatched Vulnerability : CVE-2019-10140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2019-15794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in...

PT-2024-21632 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when a lower file's size is changed underneath overlayfs, causing an assertion in the copy up data loop. This type of use case is documented to cause undefined behavio...

CVE-2021-46972

In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 "ovl: use only uppermetacopy state in ovllookup", overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when shutting down the related...

PT-2025-13285 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue involved the use of a flexible array in the ovl component, which required adjustment to avoid false positive run-time...