22 matches found
SUSE CVE-2026-45915
In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...
CVE-2026-45915
A flaw was found in the Linux kernel's handling of FAT File Allocation Table filesystems. When processing corrupted FAT images, the rmdir function can incorrectly decrement the parent directory's link count. This underflow can lead to a system instability or a denial of service DoS by triggering ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Avoid infinite loops caused by corrupted subpage compact indexes. Robert reported an infinite loop observed in two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters...
PT-2025-53207
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the hfs/hfsplus component. A previous fix introduced a warning WARN ON triggered by a corrupted HFS image, as reported by syzbot. The issue is...
Linux Distros Unpatched Vulnerability : CVE-2025-40241
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new...
PT-2025-35350
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's f2fs implementation related to out-of-boundary access in dnode pages. The issue stems from a corrupted image where a dnode shares a node ID with its...
CVE-2025-38219 f2fs: prevent kernel warning due to negative i_nlink from corrupted image
In the Linux kernel, the following vulnerability has been resolved: f2fs: prevent kernel warning due to negative inlink from corrupted image WARNING: CPU: 1 PID: 9426 at fs/inode.c:417 dropnlink+0xac/0xd0 home/cc/linux/fs/inode.c:417 Modules linked in: CPU: 1 UID: 0 PID: 9426 Comm: syz-executor56...
UBUNTU-CVE-2024-47699
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...
Google Golang Security Vulnerability
Google Golang is a static strongly typed, compiled language from Google.Go's syntax is close to that of C, but differs with respect to variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages that...
UBUNTU-CVE-2021-47478
In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofsreadinode can read data beyond the end of buffer. Sanity-check the directory entry length before using it...
kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service...
kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service...
CVE-2022-0485
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
The vulnerability of the nbdcopy tool in the libnbd library allows a perpetrator to automatically create corrupted target images.
The vulnerability of the nbdcopy tool in the libnbd library is related to exceptions handling deficiencies. Exploiting this vulnerability allows a remote attacker to automatically create corrupted target images...
The vulnerability of the ReadCUTImage function in the coders/cut.c component of the console image editing tool ImageMagick, related to the assignment of a null pointer, allows a malicious actor to cause a service failure.
The vulnerability of the ReadCUTImage function in the coders/cut.c component of the console-based image editing tool ImageMagick involves the use of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure by using a corrupted image file...
kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c
An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel. A denial of service due to the NULL pointer dereference can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork...
DEBIAN-CVE-2018-13093
An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...
Linux kerne 'fs/f2fs/super.c' local denial of service vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the fs/f2fs/super.c file in Linux kernel version 4.17.3 and earlier, which stems from a program that fails to properly validate the...
UBUNTU-CVE-2018-13100
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secsperzone in a corrupted f2fs image, as demonstrated by a divide-by-zero error...
PT-2017-13080 · Tsk +1 · The Sleuth Kit +1
Name of the Vulnerable Software and Affected Versions: The Sleuth Kit TSK version 4.4.2 Description: The issue occurs when the fls command in The Sleuth Kit TSK hangs on a corrupt exfat image. This happens due to a problem in the tsk img read function located in tsk/img/img io.c within the...