261 matches found
CVE-2023-53317
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
CVE-2023-53317
CVE-2023-53317 is a Linux kernel vulnerability in the ext4 subsystem, specifically the mb_find_extent path. The provided description shows a fix for a WARNING triggered in mb_find_extent and associated traces involving ext4_mb_complex_scan_group and ext4_ext_map_blocks, indicating a misbehavior i...
CVE-2023-53317
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
CVE-2023-53317 ext4: fix WARNING in mb_find_extent
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
CVE-2023-53317 ext4: fix WARNING in mb_find_extent
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
PT-2025-38035
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.2.0-rc1-syzkaller Description: The Linux kernel contains a flaw within the ext4 filesystem related to block bitmap validation. Specifically, the mb find extent function may trigger a warning due to...
DEBIAN-CVE-2022-50239
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...
CVE-2023-0451
Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and...
CVE-2022-34194
Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
OESA-2025-1519 nodejs security update
Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js...
Linux Distros Unpatched Vulnerability : CVE-2024-42297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x15...
SUSE CVE-2022-49178
In the Linux kernel, the following vulnerability has been resolved: memstick/msproblock: fix handling of read-only devices Use setdiskro to propagate the read-only state to the block layer instead of checking for it in -open and leaking a reference in case of a read-only device...
SUSE-SU-2025:20076-1 Security update for qemu
This update for qemu fixes the following issues: - Bugfixes and CVEs: hw/usb/hcd-ohci: Fix 1510, 303: pid not IN or OUT bsc1230834, CVE-2024-8354 softmmu: Support concurrent bounce buffers bsc1230915, CVE-2024-8612 system/physmem: Per-AddressSpace bounce buffering bsc1230915, CVE-2024-8612...
OESA-2025-1079 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SBRDONLY flag to stop all filesystem...
Security update for qemu
This update for qemu fixes the following issues: Security fixes: CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: CVE-2024-7409: Fixed denial of service via improper...
CLSA-2024-1731603213 Fix of 76 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...
DEBIAN-CVE-2024-50118
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro-rw reconfiguration if there are hard ro requirements BUG Syzbot reports the following crash: BTRFS info device loop0 state MCS: disabling free space tree BTRFS info device loop0 state MCS: clearing compat-ro...
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
Summary In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details The...
SUSE CVE-2024-47690
In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704...
AZL-51011 CVE-2024-47690 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704...