Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: The flag SBRDONLY is no longer set during the f2fshandlecriticalerror function. The syzbot reports a bug in f2fs as follows: ------------ Cut here ------------ WARNING: CPU: 1, PID: 58, in kernel/rcu/sync.c:177, function...

CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

GHSA-WWJ6-VGHV-5P64 Kata Container to Guest micro VM privilege escalation

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002108 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001894 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68764

CVE-2025-68764 : The OSV entry confirms a Linux kernel fix for NFS automounts not inheriting user-specified mount flags (ro, noexec, nodev, sync). Root cause: during automount, the superblock options were not preserved; fix ensures these mount options propagate to the automounted filesystem. Impa...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2023-54099

In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. However during remounti...

CVE-2023-54099

CVE-2023-54099 relates to a race in Linux kernel remount handling where clearing SB_RDONLY to switch a filesystem from read-only to read-write could briefly allow userspace writes before the filesystem is fully ready. The issue is in the remount/reconfiguration path; the recommended fix is to tra...

PT-2025-53176

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to filesystem remounting. Specifically, the code responsible for reconfiguring or remounting filesystems does not adequately protect against...

CVE-2023-53835

The CVE-2023-53835 entry concerns the Linux kernel ext4 filesystem: when remounting from read-only to read/write, SB_RDONLY can be cleared before quota is initialized, potentially triggering a WARN_ON_ONCE(dquot_initialize_needed(inode)) in ext4_xattr_block_set(). The issue is documented with a d...

CVE-2023-53835

...

EUVD-1999-1363

Malware in sbrugna...

kernel: ext4: don't set SB_RDONLY after filesystem errors

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SBRDONLY flag to stop all filesystem modifications. We knew this misses proper locking sb-sumount and does no...

f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()

...

SUSE CVE-2024-47689

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't set SBRDONLY in f2fshandlecriticalerror syzbot reports a f2fs bug as below: ------------ cut here ------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcusyncdtor+0xcd/0x180 kernel/rcu/sync.c:177 CPU: ...

DEBIAN-CVE-2024-47689

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't set SBRDONLY in f2fshandlecriticalerror syzbot reports a f2fs bug as below: ------------ cut here ------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcusyncdtor+0xcd/0x180 kernel/rcu/sync.c:177 CPU: ...

PT-2024-32742

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description A vulnerability in the Linux kernel has been resolved, specifically in the f2fs filesystem. The issue arises from the f2fs setting the SB RDONLY flag in an internal function rather than through...