19 matches found
CVE-2026-46013
A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...
EUVD-2026-32310
In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...
CVE-2026-46013 mm/memfd_luo: fix physical address conversion in put_folios cleanup
In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...
Astra Linux - уязвимость в tar
In the sparse.c file of GNU Tar, before version 1.32, there was a NULL pointer dereferencing issue when parsing certain archives that contained malformed extended headers...
TencentOS Server 3: go-toolset:rhel8 (TSSA-2025:1002)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:1002 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...
SUSE-SU-2024:2463-1 Security update for squashfs
This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...
SUSE CVE-2011-2695
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
Scientific Linux Security Update : rsync on SL5.x i386/x86_64
rsync is a program for synchronizing files over a network. A flaw was found in the way the rsync daemon handled the 'filter', 'exclude', and 'exclude from' options, used for hiding files and preventing access to them from rsync clients. A remote attacker could use this flaw to bypass those...
kernel: ext4: kernel panic when writing data to the last block of sparse file
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
CentOS 5 : rsync (CESA-2011:0999)
An updated rsync package that fixes one security issue, several bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...
kernel: ext4: kernel panic when writing data to the last block of sparse file
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
kernel: ext4: kernel panic when writing data to the last block of sparse file
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
rsync security, bug fix, and enhancement update
3.0.6-4 - fix 700450 - free parsed hostnames - fix 575022 - set TZ variable after chroot 3.0.6-3 - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary fileextracnt increments Resolves: 688923 3.0.6-2 - Remove BuildRequires dependency on popt-devel, until th...
Integer overflow
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
CVE-2011-2695
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
UBUNTU-CVE-2011-2695
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service BUGON and system crash by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsign...
PT-2011-4031 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0-rc5 Description: The issue is related to multiple off-by-one errors in the ext4 subsystem of the Linux kernel. These errors allow local users to cause a denial of service, resulting in a system crash, by...
Moderate: Red Hat Security Advisory: rsync security, bug fix, and enhancement update
An updated rsync package that fixes one security issue, several bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...