CLSA-2026-1778599722 Fix CVE(s): CVE-2026-4878

SECURITY UPDATE: TOCTOU race condition in capsetfile - debian/patches/CVE-2026-4878.patch: open the target file and operate on /proc/self/fd/N so the inode is locked between the regular-file check and the xattr update - CVE-2026-4878...

CLSA-2026-1778599539 Fix CVE(s): CVE-2026-4878

SECURITY UPDATE: TOCTOU race condition in capsetfile - debian/patches/CVE-2026-4878.patch: open the target file and operate on /proc/self/fd/N so the inode is locked between the regular-file check and the xattr update - CVE-2026-4878...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Mitigation of the issue where the EA inode refcount may underflow during xattr updates. Syzkaller identified a path in the ext4xattrinodeupdateref function where the refcount of EA inodes is checked. If the refcount is...

SUSE CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

DEBIAN-CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

AZL-70091 CVE-2025-40190 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

CVE-2025-40190 ext4: guard against EA inode refcount underflow in xattr update

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

SUSE-SU-2020:0790-1 Security update for python-cffi, python-cryptography, python-xattr

This update for python-cffi, python-cryptography and python-xattr fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...