Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Do not use BUGON in hfspluscreateattributesfile. When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file has not yet been...

EUVD-2025-26757

Malicious code in bioql PyPI...

hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()

...

SUSE CVE-2025-38712

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

CVE-2025-38712

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

AZL-66866 CVE-2025-38712 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

AZL-75306 CVE-2025-38712 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

UBUNTU-CVE-2025-38712

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

CVE-2025-38712 hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

CVE-2025-38712 hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

PT-2025-35985

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where the hfsplus create attributes file function incorrectly uses BUG ON. This occurs when the volume header contains incorrect values, leading to an...

The vulnerability of the _bfd_elf_parse_attributes function in the elf-attrs.c component of the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the bfdelfparseattributes function in the elf-attrs.c component of the GNU Binutils development environment is related to reading data beyond the allowable buffer limits. Exploiting this vulnerability allows an attacker to cause service failures through a specially created EL...

git: gitattributes parsing integer overflow

A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, or declared attribute names. These...