24 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
SUSE CVE-2022-50766
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
EUVD-2022-55795
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
UBUNTU-CVE-2022-50766
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
CVE-2022-50766
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
CVE-2022-50766
Summary: CVE-2022-50766 is a Linux kernel vulnerability in the Btrfs path. Reported to affect the Btrfs init flow, where generation data was incorrectly handled in btrfs_init_new_buffer, leading to uninitialized reads in btrfs_clean_tree_block. The root cause is that btrfs_set_header_generation()...
CVE-2022-50766 btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...
PT-2025-53132
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the btrfs file system. Specifically, the issue involves the order of operations within the btrfs init new buffer function. The btrfs set head...
EUVD-2024-53402
Malicious code in bioql PyPI...
btrfs: do not BUG_ON() when freeing tree block after error
...
Linux Distros Unpatched Vulnerability : CVE-2024-44963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: do not BUGON when freeing tree block after error When freeing a tree block, at btrfsfreetreeblock, if we fail to create a delayed reference we don't deal...
CLSA-2025-1739352814 kernel: Fix of 13 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...
CVE-2024-56759 btrfs: fix use-after-free when COWing tree bock and tracing is enabled
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfscowblock, and we have the tracepoint tracebtrfscowblock enabled and preemption is also enabled CONFIGPREEMPT=y, we can...
CVE-2024-56759
CVE-2024-56759 concerns the Linux kernel: when Btrfs COWs a tree block with tracing enabled (trace_btrfs_cow_block) and preemption is on, a use-after-free can occur on the COWed extent buffer. The root cause is that tracepoint handling could observe a buffer after it is freed via RCUs, if preempt...
AZL-49953 CVE-2024-44963 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUGON when freeing tree block after error When freeing a tree block, at btrfsfreetreeblock, if we fail to create a delayed reference we don't deal with the error and just do a BUGON. The error most likely to happen ...
AZL-49924 CVE-2024-44963 affecting package kernel for versions less than 6.6.64.2-9
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUGON when freeing tree block after error When freeing a tree block, at btrfsfreetreeblock, if we fail to create a delayed reference we don't deal with the error and just do a BUGON. The error most likely to happen ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a space leak that could result from an error in the btrfs file system after releasing a tree block...
CVE-2022-26507
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...
CVE-2022-26507
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...
CVE-2021-21827
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within DecodeTreeBlock which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An...