1279 matches found
CVE-2026-53050
A flaw was found in the Linux kernel. A race condition exists between the dquotscanactive function and quota deactivation within quotareleaseworkfn. This vulnerability could allow a local attacker to cause memory corruption by manipulating quota operations, potentially leading to system instabili...
CVE-2026-53050 quota: Fix race of dquot_scan_active() with quota deactivation
In the Linux kernel, the following vulnerability has been resolved: quota: Fix race of dquotscanactive with quota deactivation dquotscanactive can race with quota deactivation in quotareleaseworkfn like: CPU0 quotareleaseworkfn CPU1 dquotscanactive ==============================...
EUVD-2026-38918
In the Linux kernel, the following vulnerability has been resolved: quota: Fix race of dquotscanactive with quota deactivation dquotscanactive can race with quota deactivation in quotareleaseworkfn like: CPU0 quotareleaseworkfn CPU1 dquotscanactive ==============================...
CVE-2026-53050
CVE-2026-53050 affects the Linux kernel quota subsystem, where dquot_scan_active() can race with quota deactivation in quota_release_workfn(), potentially causing memory corruption or use-after-free under memory pressure. Verified in multiple sources; the workaround/mitigation is to remove the dq...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a race condition when deleting the quota root from the “dirtycowonlyroots” list. When disabling quotas, we delete the quota root from the fsinfo-dirtycowonlyroots list without locking it, which requires the protectio...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Turn quotas off if mount fails after enabling quotas Yi discovered during a review of the patch “ext4: Don’t report errors with inconsistent journal features” that when ext4markrecoverycomplete returns an error value, the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between quota rescan and disabling quotas, which could lead to a NULL pointer derefrence. If one task attempts to start the quota rescan worker while another task attempts to disable quotas, we can e...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a deadlock between the quota disable process and the qgroup rescan worker process. The quota disable ioctl initiates a transaction before waiting for the qgroup rescan worker to complete. However, this wait can be...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed the qgroup reserve leaks in cowfilerange. In the buffered write path, the dirty page owns the qgroup reserve until it creates an orderedextent. Therefore, any errors that occur before the orderedextent is created...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by a faulty quota inode We have the following issues: ========================================= Kernel bug in fs/ext4/extentsstatus.c:202! Invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PI...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a slab-use-after-free issue caused by a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for crashes when mounting with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. Traceback: RIP: 0010:ocfs2qinfolockresinit+0x44/0x50 ocfs2 Call trace: ocfs2localreadinfo+0xb9/0x6f0 ocfs2...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: qgroup: Fixed a leak in the qgroup prealloc resource reservation during subvolume operations. The creation of subvolumes, snapshots, and deletion of subvolumes all utilize btrfssubvolumereservemetadata to reserve metada...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - xfs: scrub: Unlock dquot before an early return in quota scrub. - xchkquotaitem: Can return early after calling xchkfblockprocesserror. If this helper returns false, the function returns immediately without dropping dq-qqloc...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Initializing quotas for ‘old.inode’ in ‘ext4rename’. Syzbot identified the following issues: - ext4parseparam: swantextraisize=128 - ext4inodeinfoinit: swantextraisize=32 - ext4rename: old.inode=ffff88823869a2c8;...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: Fixed the issue where quota root leaks after quota disabling fails. If, during quota disabling, we fail to clean the quota tree or delete the root node from the root tree, we jump to the ‘out’ label without ever...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed a warning in dqgrab. The following issue occurs during fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid NULL pointer dereferencing in f2fscheckquotaconsistency. The syzbot reported the following f2fs bug: Oops: gen 107.736417T5848. An general protection fault occurred, likely due to a non-canonical...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel before version 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...