127 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never spl...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
UBUNTU-CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130
The CVE-2026-46130 issue affects the Linux kernel dm-verity-fec path. It stems from fec_decode_bufs() assuming parity bytes of the first RS codeword are never split across parity blocks, which can fail when block_size=4096, roots are non-default (e.g., 17) and nbufs configuration aligns so that p...
EUVD-2026-32889
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
PT-2026-44253
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the fec decode bufs function within the dm-verity-fec component. The issue occurs because the function incorrectly assumes that parity bytes of the first...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: dm-bufio: fixed scheduling in atomic context If “tryverifyintasklet” is set for dm-verity, and DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio attempts to evict buffers, there is a possibility of triggering...
SUSE CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
A flaw was found in the Linux kernel's dm-verity component. When the dmbufioclientcreate function fails within verityfecctr, the subsequent call to dmbufioclientdestroy with an error pointer argument leads to a system crash. This vulnerability could allow a local attacker to cause a Denial of...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
CVE-2026-43132 affects the Linux kernel dm-verity component. The issue arises when dm_bufio_client_create() fails inside verity_fec_ctr() and the subsequent call to dm_bufio_client_destroy() uses an ERR_PTR(), causing a crash. Red Hat specifies potential local DoS from this crash; Debian/Root-OS ...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the failure of dm-verity when creating the dmbufioclientcreate function. Thi...
Linux Distros Unpatched Vulnerability : CVE-2026-43132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
Dm-verity is used to extend the root-of-trust to root file systems. LoadPin builds upon this feature to restrict module/firmware loads to only the trusted root file system. Currently, device-mapper table reloads allow users with root privileges to replace the target with an equivalent dm-linear...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...