NanaZip 数字错误漏洞

NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained a numerical error vulnerability. This vulnerability stemmed from the UFS/UFS2 file system image parser not verifying the value of the fsipg field in the superblock. When this...

CVE-2024-41086 bcachefs: Fix sb_field_downgrade validation

In the Linux kernel, the following vulnerability has been resolved: bcachefs: Fix sbfielddowngrade validation - bch2sbdowngradevalidate wasn't checking for a downgrade entry extending past the end of the superblock section - foreachdowngradeentry is used in totext and needs to work on malformed...