66 matches found
SUSE CVE-2022-49763
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...
CVE-2022-49763
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...
UBUNTU-CVE-2022-49763
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...
CVE-2022-49763 ntfs: fix use-after-free in ntfs_attr_find()
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...
CVE-2022-49763 ntfs: fix use-after-free in ntfs_attr_find()
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...
CVE-2022-49760
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlbchangeprotection Patch series "mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection". Playing with virtio-mem and background snapshots using uffd-wp on hugetlb in QEMU, I managed to...
UBUNTU-CVE-2022-49744
In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix pte marker when fork without fork event Patch series "mm: Fixes on pte markers". Patch 1 resolves the syzkiller report from Pengfei. Patch 2 further harden pte markers when used with the recent swapin error markers...
CVE-2022-49760
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlbchangeprotection Patch series "mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection". Playing with virtio-mem and background snapshots using uffd-wp on hugetlb in QEMU, I managed to...
CVE-2022-49760
The CVE-2022-49760 entry documents a Linux kernel issue in hugetlb_change_protection related to PTE marker handling when using uffd-wp. The root cause, as described across connected reports, is that uffd-wp can cause incorrect handling of a PTE marker in two scenarios: (1) protecting a PTE marker...
CVE-2022-49744
The CVE-2022-49744 entry concerns a Linux kernel mm/uffd issue: when forking, the dst_vma may not inherit VM_UFFD_WP even if the src has it, leading to a stale pte marker and potential access to a corrupted page. The fix is a two‑patch series under “mm: Fixes on pte markers” that hardens pte mark...
SUSE CVE-2022-49490
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5piperelease when deadlock is detected mdp5getglobalstate runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5piperelease doesn't check for if an error is...
CVE-2024-58001 ocfs2: handle a symlink read error correctly
In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;- So I've redone it as individual patches, and...
CVE-2025-21722
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not force clear folio if buffer is referenced Patch series "nilfs2: protect busy buffer heads from being force-cleared". This series fixes the buffer head state inconsistency issues reported by syzbot that occurs when...
CVE-2025-21721
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
PT-2025-14288
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved, related to memory failure and the update of the ttu flag inside unmap poisoned folio. The issue arises during folio migration...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Remove the unreasonable unlock in ocfs2readblocks. Patch series “Misc fixes for ocfs2readblocks”, version 5. This series contains two fixes for ocfs2readblocks. The first patch addresses the issue reported by syzbot, which...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix null-ptr-deref in blocktouchbuffer tracepoint The patch series “nilfs2: Fix null-ptr-deref bugs on block tracepoints” addresses these bugs that occur when using nilfs2 and two block-related tracepoints. This patch...
CLSA-2025-1738170434 Fix CVE(s): CVE-2024-12747
SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 debian/rules, debian/patches/series: use series file to manage patches...
CVE-2024-57886
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix new damontarget objects leaks on damoncommittargets Patch series "mm/damon/core: fix memory leaks and ignored inputs from damoncommitctx". Due to two bugs in damoncommittargets and damoncommitschemes, which are...
CVE-2024-53131 nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blocktouchbuffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related...