Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of freed memory during the resize operation in the md/bitmap functions. This could...

SUSE CVE-2026-31596

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

DEBIAN-CVE-2026-31596

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

CVE-2026-31596

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

CVE-2026-31596 ocfs2: handle invalid dinode in ocfs2_group_extend

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

CVE-2026-31596

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

EUVD-2026-25489

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:ocfs2groupextend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Code: 8b8520ff ffff83f8 860f858...

PT-2026-34948

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the ocfs2 group extend function assumes that the global bitmap inode block returned from ocfs2 inode lock is already validated. In crafted...

CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

DEBIAN-CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

UBUNTU-CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

CVE-2026-33021

CVE-2026-33021 (libsixel) is a use-after-free in sixel_encoder_encode_bytes() affecting libsixel 1.8.7 and earlier. The bug arises because sixel_frame_init() stores a caller-owned pixel buffer pointer directly in frame->pixels without copying. On a subsequent resize, sixel_frame_convert_to_rgb...

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

External Control of File Name or Path

Overview nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt KVM, Xen, LXC and more, Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM. Affected versions of this package are vulnerable to External...

CVE-2025-62599 eprosima Fast DDS affected by Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled

eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004248)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004248 advisory. A flaw was found in the Linux kernels implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992369)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992369 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffe...