31 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for pcluster use-after-free on UP platforms During stress testing with CONFIGSMP disabled, KASAN reports the following issue: ================================================================== BUG: KASAN: Use-after-fre...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak when the block address of a non-inlined pcluster is zero. syzkaller reported a memory leak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed Unreferenced object...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: erofs: kill hooked chains to avoid loops on deduplicated compressed images After heavily stressing EROFS with several images which include a hand-crafted image of repeated patterns for more than 46 days, I found two chains could ...
SUSE CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
EUVD-2022-55818
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
UBUNTU-CVE-2022-50743
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743 erofs: Fix pcluster memleak when its block address is zero
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
CVE-2022-50743
Summary (CVE-2022-50743): In the Linux kernel’s erofs subsystem, a memleak occurs when a non-inline pcluster has a zero block address during readahead. Syzkaller reproduced a case in z_erofs_register_pcluster() where map->m_pa is zero and ztailpacking is false, causing pcl->obj.index to be ...
CVE-2022-50743 erofs: Fix pcluster memleak when its block address is zero
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 size 136: ... backtrace...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified uncompressed pcluster range length that could lead to out-of-bounds reads...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the block address of a non-inline pcluster, which could lead to a memory leak...
Linux Distros Unpatched Vulnerability : CVE-2022-50743
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak:...
PT-2025-53109
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the erofs filesystem related to pcluster objects. Specifically, the issue occurs when a pcluster is registered with a zero block address, which...
EUVD-2022-54765
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-49464
In the Linux kernel, the following vulnerability has been resolved: erofs: fix buffer copy overflow of ztailpacking feature I got some KASAN report as below: 46.959738 ================================================================== 46.960430 BUG: KASAN: use-after-free in...
SUSE CVE-2022-48674
In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIGSMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in...
CVE-2022-48674
In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIGSMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in...