398 matches found
CVE-2026-53149
CVE-2026-53149 affects the Linux kernel thunderbolt subsystem. The root cause is a missing bounds check in __tb_property_parse_dir(): content_offset + content_len is not verified to fit within block_len for the root directory case. If rootdir->length is at least block_len - 2, the entry loop m...
EUVD-2026-39240
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...
SUSE CVE-2026-55392
NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A shift-out-of-bounds condition has been fixed due to an overly large exponent of the block size. If the slogblocksize field in the superblock data is corrupted and too large, initnilfs and loadnilfs may still trigger a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: jfsdmap: Validates dbl2nbperpage during mounting In jfsdmap.c, on line 381, BLKTODMAP is used to obtain a logical block number within dbFree. dbl2nbperpage, which is the log2 of the number of blocks per page, is passed as an...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm, thp: Bail out early for writeback pages in collapsefile Currently, collapsefile does not explicitly check PGwriteback. Instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This approach does not wo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iomap: fixed invalid folio access when iblkbits differs from the I/O granularity. The commit aa35ddcbc06 “iomap: fixed invalid folio access after folioendread” partially addressed invalid folio access for folios without an ifs...
CVE-2026-55392
NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...
CVE-2026-55392
NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...
CVE-2026-55392
CVE-2026-55392 affects NILFS utilities up to version 2.3.0. The root cause is nilfs_sb_is_valid() not validating s_log_block_size in the NILFS2 superblock before bit-shift operations, enabling undefined behavior from oversized shifts and potential out-of-memory conditions that can crash tools lik...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23238)
"In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setti...
PT-2026-50777
Name of the Vulnerable Software and Affected Versions NILFS utilities versions prior to 2.3.1 Description The nilfs sb is valid function fails to validate the s log block size field in the NILFS2 superblock before performing bit-shift operations. An attacker can provide crafted NILFS2 images to...
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
CVE-2025-70100
CVE-2025-70100 affects lwext4 1.0.0. A divide-by-zero in ext4_block_set_lb_size (src/ext4_blockdev.c) can cause denial of service when processing a malformed ext4 image, triggering a Floating-Point Exception or crash due to missing lb_size validation during mount/image handling. Connected sources...
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
PT-2026-45934
Name of the Vulnerable Software and Affected Versions lwext4 version 1.0.0 Description A divide-by-zero issue exists in the ext4 block set lb size function within the src/ext4 blockdev.c file. This occurs when a malformed ext4 filesystem image with a zero logical block size is provided, leading t...
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
EUVD-2025-210054
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...