CVE-2026-45892

Summary of CVE-2026-45892 : In the Linux kernel ext4 code, during the split of an unwritten extent, a zeroing step after partial validation could leave a stale unwritten extent in the extent status tree. Specifically, splitting at B with EXT4_EXT_DATA_PARTIAL_VALID1 and EXT4_EXT_MAY_ZEROOUT could...

CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

CVE-2026-45892 ext4: drop extent cache after doing PARTIAL_VALID1 zeroout

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

CVE-2026-45858 ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

PT-2026-43759

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where splitting an unwritten extent and converting it to initialized can leave a stale unwritten extent in the status tree. This occurs in the ext...

CVE-2026-45858

ext4: dont zero the entire extent if EXT4EXTDATAPARTIALVALID1...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after conversion from inline format. The commit 6dbf7bb55598 “fs: Do not invalidate page buffers in blockwritefullpage” uncovered a latent bug in the conversion from inline inode format to a normal...

Astra Linux - уязвимость в linux-5.10, linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

CLSA-2026-1778493573 samba: Fix of CVE-2017-15275

CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...

SUSE CVE-2026-43184

In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up by the client side when there the message is exchange...

CLSA-2026-1778176200 samba: Fix of CVE-2017-15275

CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...

SUSE CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

CVE-2026-43273

A flaw was found in the Linux kernel's Ceph file system module. The cephzeropartialobject function, responsible for handling object write operations, was missing proper snapshot context. This oversight could allow a local attacker to cause data inconsistencies within snapshots, leading to a loss ...

CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

CVE-2026-43089

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...

PT-2026-37399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information leak exists in the build mapping function within the xfrm user component. The xfrm usersa id structure contains a one-byte padding hole following the proto field that is n...

PT-2026-37524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rnbd-srv component where the response buffer is not cleared before use. This can lead to the client receiving stray bytes when messages are exchanged between...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed the kernel stack leak in irdmacreateuserah. struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // Offset 0 – SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // Offset 4 – NEVER SET - LEAK ; The rsvd4 fiel...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: The issue of information leakage in f2fsmoveInlinedirents has been fixed. When converting an inline directory to a regular one, f2fs leaks uninitialized memory to the disk because it does not initialize the entire directory...