UBUNTU-CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

CVE-2026-46303 isofs: validate Rock Ridge CE continuation extent against volume size

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

CVE-2026-46303

The CVE-2026-46303 vulnerability affects the Linux kernel isofs Rock Ridge CE handling. rock_continue() could use rs->cont_extent without validating the block number, allowing potential reads of data from an adjacent filesystem via sb_bread() on crafted ISO mounts. The issue was addressed by p...

EUVD-2026-35168

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of volume sizes during the Rock Ridge CE extension in isofs. This...

isofs: validate block number from NFS file handle in isofs_export_iget

...

SUSE CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the isofs exportiget function not verifying the block number in the NFS file handle, potentially...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000979)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000979 advisory. The getrockridgefilename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM aka alternate name entries containing \0 characters, which allows...

isofs: Prevent the use of too small fid

...

DEBIAN-CVE-2025-37780

In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofsfhtoparent. 1 The handlebytes value passed in by the reproducing program is equal to 12. In handletopath, only 12 bytes of memory are...

fuseiso: Multiple vulnerabilities

Background FuseISO is a FUSE module to mount ISO filesystem images .iso, .nrg, .bin, .mdf and .img files. Description Multiple vulnerabilities have been discovered in fuseiso. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

Debian DLA-323-1 : fuseiso security update

The following two issues have recently been fixed in Debian LTS squeeze for the fuseiso package. Issue 1 An integer overflow, leading to a heap-based buffer overflow flaw was found in the way FuseISO, a FUSE module to mount ISO filesystem images, performed reading of certain ZF blocks of particul...

DLA-323-1 fuseiso - security update

Bulletin has no description...

Kernel: fs: isofs: infinite loop in CE record entries

It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...

Kernel: fs: isofs: infinite loop in CE record entries

It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...