Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: Fixed a slab-out-of-bounds issue in cachefilessetvolumexattr. The actual length of volume coherence data should be used when setting the xattr value to avoid the following KASAN report. BUG: KASAN: Slab-out-of-boun...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: fixed the handling and sanity checking of the xattrids count A Sysbot 1 that corrupted the filesystem exposed two flaws in the handling and sanity checking of the xattrids count in the filesystem. Both of these flaws...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jfs: xattr: fixed buffer overflow for invalid xattr values. When the xattr size is not as expected, it is printed out to the kernel log in hexadecimal format as a form of debugging. However, when that xattr size is larger than...

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...

rsync: Fix of CVE-2026-41035

CVE-2026-41035: fix use-after-free in receivexattr by using tempxattr.count instead of the stale count in qsort...

RockyLinux 8 : kernel-rt (RLSA-2026:21745)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

CLSA-2026-1780062671 Fix CVE(s): CVE-2026-41035

SECURITY UPDATE: receiver use-after-free in receivexattr via a wire-supplied xattr count passed to qsort: - debian/patches/els/0007-CVE-2026-41035.patch: sort tempxattr.count stored items instead of the untrusted wire count. - CVE-2026-41035...

CLSA-2026-1780054763 Fix CVE(s): CVE-2026-41035

SECURITY UPDATE: use-after-free in receivexattr - debian/patches/CVE-2026-41035.patch: replace stale local 'count' with tempxattr.count in the qsort call inside receivexattr, so the sort uses the live size of the rebuilt xattr items list; victim must run rsync with -X / --xattrs - CVE-2026-41035...

SUSE-SU-2026:21841-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

SUSE CVE-2026-46046

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

CVE-2026-46046

A flaw was found in the Linux kernel's ext4 filesystem. A reference count refcount leak occurs in the ext4xattrinodedecrefall function. This issue arises because the iloc.bh buffer head, acquired by ext4getinodeloc, is not properly released with brelse. This can lead to resource exhaustion or...

CVE-2026-46046

The CVE reports a refcount leak in ext4_xattr_inode_dec_ref_all() due to not releasing iloc with brelse() after ext4_get_inode_loc(), fixed by commit c8e008b6. OSV entries show patches in Root:Ubuntu 22.04/24.04, Debian, Debian-based RootIO builds, and openSUSE kernel-devel 7.0.11-1.1 for GA medi...

CVE-2026-46046 ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

EUVD-2026-32428

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

PT-2026-43962

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access issue exists in the check xattrs function of the ext4 file system. The bounds check for the next extended attribute xattr entry uses a comparison that allows the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function ext4xattr inodedecrefall not releasing iloc.bh properly, resulting in a leak of the...

PT-2026-43913

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak occurs in the ext4 filesystem when block csum is false. This happens because the function ext4 xattr inode dec ref all calls ext4 get inode loc to obtain iloc.bh but fail...

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...