7-Zip 安全漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions 9.18 to 26.00 of 7-Zip contain security vulnerabilities. These vulnerabilities stem from sparse filling of index arrays in the SquashFS archive processor, which allows for uninitialized heap reads, potentially leading to...

kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation

A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...

kernel: Squashfs: check the inode number is not the invalid value of zero

A flaw was found in the squashfs module in the Linux kernel. A missing check of an inode number with an invalid value of zero can cause an out-of-bounds read and result in a denial of service...