75 matches found
PT-2026-44253
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the fec decode bufs function within the dm-verity-fec component. The issue occurs because the function incorrectly assumes that parity bytes of the first...
CVE-2026-43132
A flaw was found in the Linux kernel's dm-verity component. When the dmbufioclientcreate function fails within verityfecctr, the subsequent call to dmbufioclientdestroy with an error pointer argument leads to a system crash. This vulnerability could allow a local attacker to cause a Denial of...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the failure of dm-verity when creating the dmbufioclientcreate function. Thi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: dm-bufio: fixed scheduling in atomic context If “tryverifyintasklet” is set for dm-verity, and DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio attempts to evict buffers, there is a possibility of triggering...
Astra Linux - уязвимость в linux-5.10, linux
Dm-verity is used to extend the root-of-trust to root file systems. LoadPin builds upon this feature to restrict module/firmware loads to only the trusted root file system. Currently, device-mapper table reloads allow users with root privileges to replace the target with an equivalent dm-linear...
SUSE CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
AZL-78437 CVE-2025-71161 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may...
CVE-2025-71161 dm-verity: disable recursive forward error correction
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
CVE-2025-71161
CVE-2025-71161 affects the Linux kernel dm-verity feature, where recursive forward error correction could cause denial of service and potential data handling issues. The root cause is an overly deep recursive path in fec_read_bufs (up to four nested levels) that may loop excessively, and a shared...
CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
CVE-2025-71161 dm-verity: disable recursive forward error correction
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
dm-crypt, dm-verity: disable tasklets
...
Linux Distros Unpatched Vulnerability : CVE-2022-20572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In veritytarget of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation ...
Linux Distros Unpatched Vulnerability : CVE-2024-26718
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it...
PT-2026-4477
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the dm-verity component related to recursive forward error correction. The recursive correction mechanism can lead to a denial-of-service...
CVE-2024-47725
REJECTED CVE An issue has been identified in the Linux Kernel's dm-verity module, which ensures integrity verification for block devices. This issue arises because dm-verity does not crash when an I/O error occurs. In certain scenarios, an attacker could exploit this behavior by crafting sectors...