13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43046
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use...
CVE-2026-43046
CVE-2026-43046 affects the Linux kernel, specifically btrfs relocation logic where a non-zero drop_progress with drop_level == 0 can be observed in a read-back root_item. The root_item invariant is now validated in the tree-checker when reading from disk: if drop_progress.objectid is non-zero, dr...
CVE-2026-43046 btrfs: reject root items with drop_progress and zero drop_level
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...
PT-2026-36463
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc2-next-20260310 Description An issue exists in the btrfs file system where the kernel fails to validate the root item invariant when reading it from disk. Specifically, if drop progress.objectid is...
CVE-2023-54253
The CVE describes a Linux kernel bug in Btrfs relocation: calling set_page_extent_mapped before validating the folio/page can trigger a kernel BUG during relocate_one_page. The fix, as noted in the description, is to move set_page_extent_mapped to after the btrfs_read_folio block so the subpage b...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992613 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In...
SUSE CVE-2023-54080
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...
CVE-2023-54080
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...
CVE-2023-54121
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfsdropextentmaprange In production we were seeing a variety of WARNON's in the extentmap code, specifically in btrfsdropextentmaprange when we have to call addextentmapping for our second spli...
EUVD-2025-28973
Malicious code in bioql PyPI...
PT-2025-53157
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc6-kts+ Description The Linux kernel contains a flaw within the btrfs zoned mode related to handling pre-allocated writes during relocation. Specifically, the issue arises when a checksum is unavailable fo...
GHSA-XWQR-XMGG-J69Q Integer overflow in solana_rbpf
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.stvalue is read directly from ELF file without checking. If the sym.stvalue is rather large, an integer overflow is triggered while calculating the variable "addr"...
kernel: isofs: unbound recursion when processing relocated directories
It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...