128 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
Dm-verity is used to extend the root-of-trust to root file systems. LoadPin builds upon this feature to restrict module/firmware loads to only the trusted root file system. Currently, device-mapper table reloads allow users with root privileges to replace the target with an equivalent dm-linear...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: dm-crypt, dm-verity: Disable tasklets Tasklets have an inherent problem with memory corruption. The taskletactioncommon function calls tasklettrylock, then it calls the tasklet callback, and then it calls taskletunlock. If the...
Linux Distros Unpatched Vulnerability : CVE-2026-46130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never spl...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
UBUNTU-CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130
CVE-2026-46130 concerns the Linux kernel’s dm-verity-fec component. The root cause is an incorrect assumption about parity data layout: when reading parity bytes across blocks, parity bytes for the first RS codeword can be split across parity blocks, causing an out-of-bounds read under certain no...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
EUVD-2026-32889
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
PT-2026-44253
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the fec decode bufs function within the dm-verity-fec component. The issue occurs because the function incorrectly assumes that parity bytes of the first...
SUSE CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
A flaw was found in the Linux kernel's dm-verity component. When the dmbufioclientcreate function fails within verityfecctr, the subsequent call to dmbufioclientdestroy with an error pointer argument leads to a system crash. This vulnerability could allow a local attacker to cause a Denial of...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
CVE-2026-43132 affects the Linux kernel dm-verity component. The issue arises when dm_bufio_client_create() fails inside verity_fec_ctr() and the subsequent call to dm_bufio_client_destroy() uses an ERR_PTR(), causing a crash. Red Hat specifies potential local DoS from this crash; Debian/Root-OS ...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the failure of dm-verity when creating the dmbufioclientcreate function. Thi...
Linux Distros Unpatched Vulnerability : CVE-2026-43132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...
SUSE CVE-2025-71161
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...