3 matches found
CVE-2026-23388
A flaw was found in the Linux kernel's Squashfs component. A local attacker could craft a malicious Squashfs image with a corrupted index look-up table, leading to a negative metadata block offset. This negative offset causes an out-of-bounds access when processing the image, resulting in a gener...
CVE-2026-23388
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check metadata block offset is within range Syzkaller reports a "general protection fault in squashfscopydata" This is ultimately caused by a corrupted index look-up table, which produces a negative metadata block offse...
CVE-2026-23388
CVE-2026-23388 concerns the Linux kernel Squashfs subsystem. A corrupted index lookup can yield a negative metadata block offset, leading to an out-of-bounds access in squashfs_copy_data via squashfs_read_metadata. The issue is resolved by adding a metadata offset range check in squashfs_read_met...