Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the CNID counting check used in the HFS file system. This bug can trigger errors when the MDB is...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed OOB read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== Bug: KASAN: slab-out-of-bounds in hfsstrcmp+0x117/0x190 fs/hfs/string.c:84 A read of size 1...

Astra Linux - уязвимость в grub2

When reading data from an HFS filesystem, Grub’s HFS filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffer size. However, it fails to properly check for integer overflows. A maliciously crafted filesystem may cause some of those buffer siz...

UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68761

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfscorrectnextunusedCNID This code calls hfsbnodeputnode which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so...

CVE-2022-50747

In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfsasc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds in...

CVE-2023-53862

CVE-2023-53862 relates to the Linux kernel hfs filesystem. The issue is a missing hfs_bnode_get() after finding/creating a bnode, which can lead to a refcount underflow and a kernel BUG in hfs_bnode_put() during writeback. The provided description shows a path where a node is allocated with refcn...

hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()

...

EUVD-2009-3991

Malware in sbrugna...

hfs: fix general protection fault in hfs_find_init()

...

hfs: fix slab-out-of-bounds in hfs_bnode_read()

...

CVE-2025-38715 hfs: fix slab-out-of-bounds in hfs_bnode_read()

In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfsbnoderead This patch introduces isbnodeoffsetvalid method that checks the requested offset value. Also, it introduces checkandcorrectrequestedlength method that checks and correct the requested...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from hfs not checking for tree pointer null pointers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from hfs not checking for node read boundaries...

PT-2025-49070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-syzkaller Description The Linux kernel had an uninitialized value issue within the hfs find set zero bits function, specifically related to the HFS filesystem. The issue was identified by syzbot and involv...

Linux Distros Unpatched Vulnerability : CVE-2018-19497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause ...

Linux Distros Unpatched Vulnerability : CVE-2024-56737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. CVE-2024-56737 Note that Nessus relie...

ROS-20250818-06

A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...

USN-7389-1 linux-nvidia-tegra, linux-nvidia-tegra-igx vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

hfsplus: don't query the device logical block size multiple times

...