17758 matches found
UBUNTU-CVE-2025-38691
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
UBUNTU-CVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38715 hfs: fix slab-out-of-bounds in hfs_bnode_read()
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfsbnoderead This patch introduces isbnodeoffsetvalid method that checks the requested offset value. Also, it introduces checkandcorrectrequestedlength method that checks and correct the requested...
CVE-2025-38707 fs/ntfs3: Add sanity check for file name
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38701 ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...
CVE-2025-38697 jfs: upper bound check of tree index in dbAllocAG
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadat...
CVE-2025-38692
CVE-2025-38692 refers to a Linux kernel exFAT fix validating cluster chains to prevent infinite loops during directory operations. The patch adds loop-break checks for conditions in exfat_count_dir_entries, exfat_create_upcase_table, exfat_load_bitmap, exfat_find_dir_entry, and exfat_check_dir_em...
CVE-2025-38692 exfat: add cluster chain loop check for dir
In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. 1 Condition for exfatcountdirentries to loop infinitely. - The cluster chain includes a loop....
CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
...
Extracting malicious crates can fill the file system
...
CVE-2025-52544
E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...
f2fs: fix to avoid panic in f2fs_evict_inode
...
Grub2: fs/ufs: oob write in the heap
...
jfs: Fix shift-out-of-bounds in dbDiscardAG
...
Grub2: ufs: integer overflow may lead to heap based out-of-bounds write when handling symlinks
...
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.
...
jfs: reject on-disk inodes of an unsupported type
...
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
...