4 matches found
EUVD-2025-203638
In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...
CVE-2025-40349
In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...
CVE-2025-40349 hfs: validate record offset in hfsplus_bmap_alloc
In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...
CVE-2025-40349
CVE-2025-40349 affects the Linux kernel’s hfs/hfsplus_bmap_alloc path. The bug occurs when hfsplus_bmap_alloc retrieves a bitmap using node info and an offset/length that may exceed node_size, risking slab-out-of-bounds page access. The referenced patch adds validation for both offset and length ...