Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as follows: ------------ cut here --- UBSAN: Array-index out-of-bounds in fs/f2fs/node.h:381:10 Index 18446744073709550692 is out ...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37739)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37739 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access...

EUVD-2025-28968

Malicious code in bioql PyPI...

jfs: truncate good inode pages when hard link is 0

...

DEBIAN-CVE-2025-39743

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

UBUNTU-CVE-2025-39743

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

Linux Distros Unpatched Vulnerability : CVE-2025-37739

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN:...

f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()

...

UBUNTU-CVE-2025-38221

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds maxend is not permitted and will result in a negative length in the truncateinodepartialfolio function while truncating the page cache,...

CVE-2025-38221 ext4: fix out of bounds punch offset

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds maxend is not permitted and will result in a negative length in the truncateinodepartialfolio function while truncating the page cache,...

DEBIAN-CVE-2025-37739

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10 index 18446744073709550692 is...

PT-2025-18420

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 Description The issue is related to an out-of-bounds access in the f2fs truncate inode blocks function. The problem occurs when get nid tries to access an array with an...

SUSE CVE-2024-26869

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode page - f2fsinplacewritedata - invalidatemappingpages : fail to invalida...

AZL-61721 CVE-2024-26869 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode page - f2fsinplacewritedata - invalidatemappingpages : fail to invalida...

DEBIAN-CVE-2024-26869

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode page - f2fsinplacewritedata - invalidatemappingpages : fail to invalida...

UBUNTU-CVE-2024-26869

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode page - f2fsinplacewritedata - invalidatemappingpages : fail to invalida...

CVE-2024-26869 f2fs: fix to truncate meta inode pages forcely

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode page - f2fsinplacewritedata - invalidatemappingpages : fail to invalida...

kernel: vfs: BUG in truncate_inode_pages_range() and fuse client

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary...