940 matches found
SUSE CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the CFileId::Parse function of the UDF disc image handler's File Identifier Descriptor parser. An attacker can access sensitive information or cause a crash by crafting a malicious UDF image that triggers an...
CVE-2026-48102
A flaw was found in 7-Zip. A remote attacker could exploit a heap out-of-bounds read vulnerability in the UDF Universal Disk Format disc image handler by tricking a user into opening a specially crafted UDF image file. This could lead to limited information disclosure, where an attacker might gai...
CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102
7-Zip (versions 9.11–26.00) contains a heap out-of-bounds read in the UDF disc image handler (File Identifier Descriptor parser). In CFileId::Parse, after validating size and advancing to 38 + impLen + idLen, an alignment-padding loop reads up to 3 bytes past the end when (38 + impLen + idLen) % ...
CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
7-Zip 缓冲区错误漏洞
7-Zip is an open-source compression software developed by 7-Zip. Versions 9.11 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from the File Identifier Descriptor parser in the UDF disc image processor, where a heap out-of-bounds read occurs, potentially leading t...
7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...
SUSE CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...
EUVD-2026-32287
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
UBUNTU-CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
The CVE-2026-45991 entry concerns the Linux kernel UDF filesystem. The root cause is in handle_partition_descriptor() where partition descriptors are deduplicated by partition number, but appended slots do not record partnum, allowing repeated Partition Descriptors to accumulate and grow num_part...
Linux Distros Unpatched Vulnerability : CVE-2026-45991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of recording the partition number when the udf partition descriptor is attached. This...
PT-2026-43858
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap out-of-bounds write can occur in the part descs loc table when mounting a crafted UDF image containing repeated partition descriptors. The handle partition descriptor function fai...
Astra Linux - уязвимость в linux, linux-5.10
A flaw involving a null pointer dereference was discovered in the Linux kernel’s UDF file system functionality. This flaw allows a malicious UDF image to trigger the udffilewriteiter function. A local user could exploit this flaw to crash the system. The flaw is present in the Linux kernel versio...