96 matches found
CVE-2026-4017
Buffer Overflow in the entry handler of the TraceEvent system call could allow an attacker with local access to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
CVE-2026-4018
TOCTOU Race Condition in specific trace commands of the TraceEvent system call could allow an attacker with local access and with the PROCMGRAIDTRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
CVE-2026-4018 TOCTOU race condition in the QNX Neutrino kernel impacts versions of the QNX Software Development Platform and QNX OS for Safety
TOCTOU Race Condition in specific trace commands of the TraceEvent system call could allow an attacker with local access and with the PROCMGRAIDTRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the svcdeferredevent trace class. Fixed a NULL dereference crash that occurs when an svcrqst is deferred, while the sunrpc tracing subsystem is enabled. svcrevisit sets dr-xprt to NULL, so it cannot be relied upon i...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Tracing: It was determined that processstring also allows arrays. To address a common bug where TRACEEVENT’s TPfastassign assigns the address of an allocated string to the ring buffer and then references it in TPPrintk, which can...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a sleeping function called from an invalid context in the RT kernel. When setting bootparams="traceevent=initcall:initcallstart tpprintk=1" in the cmdline, the outputprintk function was called, and spinlockirqsave...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential nullptrdereference issue in traceeventfile in kprobeeventgentestexit. When tracegeteventfile fails, genkretprobetest will be assigned as the error code. If the kprobeeventgentest module is remov...
Linux Distros Unpatched Vulnerability : CVE-2026-31597
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: If ou...
CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
DEBIAN-CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
CVE-2026-31597 ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
EUVD-2026-25490
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
CVE-2026-31597
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...
PT-2026-34949
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ocfs2 fault function. This occurs because filemap fault may drop the mmap lock before returning VM FAULT RETRY. In such cases, a concurrent munmap ca...
SUSE CVE-2026-31453
In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...
CVE-2026-31453 xfs: avoid dereferencing log items after push callbacks
In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...
CVE-2026-31453
The CVE-2026-31453 issue affects the Linux kernel XFS path. The root cause is use-after-free-like behavior: after xfsaild_push_item() calls iop_push(), the log item could be freed if the AIL lock is dropped, allowing a freed log item to be dereferenced by tracepoints in the switch that follow. Th...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Tracing: Add downwritetraceeventsem when adding a trace event. When a module is loaded, it adds trace events defined by that module. It may also be necessary to modify the module’s trace printk formats by replacing enum names wit...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37938)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37938 advisory. - In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have...