SUSE CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

Linux Distros Unpatched Vulnerability : CVE-2026-46106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 eventfs:...

CVE-2026-46106

A flaw was found in the Linux kernel's eventfs component. This vulnerability allows a local attacker to trigger a race condition during remount operations. By exploiting insufficient locking mechanisms when processing event descriptors, an attacker can cause memory corruption, leading to a denial...

EUVD-2026-32865

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

UBUNTU-CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

CVE-2026-46106

The CVE concerns the Linux kernel eventfs/tracing path. A remount walk over eventfs_inodes could race: tracefs_apply_options() held only an rcu_read_lock() while eventfs_inodes were freed via SRCU, and writes to ei->attr raced with eventfs_set_attr() which holds eventfs_mutex. The fix, describ...

CVE-2026-46106 eventfs: Hold eventfs_mutex and SRCU when remount walks events

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

PT-2026-44229

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfs mutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfs inodes from the events descriptor" had eventfs set attrs recurse through ei-children on remount. The walk only...

BoxLite: Permission Bypass Allows Modification of Read-Only Files

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...

GHSA-G6WW-W5J2-R7X3 BoxLite: Permission Bypass Allows Modification of Read-Only Files

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a possible Use-after-Allocation UAF issue when remounting a read-only mmp-protected file system. After committing the change 618f003199c6 “ext4: fixing a memory leak in ext4fillsuper”, there is a race condition where...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In ext4, the work related to queued discard operations is always drained in ext4mbrelease. While reviewing the recent ext4 patch1, Sashiko raised the following concern2: If the filesystem is initially mounted with the discard...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: tracefs: Resets permissions on files when they are remounted, if the permissions are specified as options. There is an inconsistency in how permissions are handled in tracefs. Since permissions are generated when accessed, the...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix to correctly check the readonly condition. In the following case, it is possible to mount a multi-device image with the rw option. However, if one of the secondary devices is set as ro, subsequent updates will cause a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the use-after-free bug of nswriter when remounting the filesystem. If a nilfs2 filesystem is downgraded to read-only due to metadata corruption on the disk, and it is remounted with read/write access, or if an...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware, we never assign a callback for that function. At the same time, we mount efivarfs as RO so that no one...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The issue of slab-use-after-free occurred due to a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for an assertion failure when building the free space tree. When building the free space tree with the block group tree feature enabled, an assertion failure may occur as follows: BTRFS info device loop0 state M:...