11 matches found
CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-31467
In the Linux kernel, the following vulnerability has been resolved: erofs: add GFPNOIO in the bio completion if needed The bio completion path in the process context e.g. dm-verity will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies...
CVE-2026-23224
In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereaditer+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222 erofsfileiorqsubmit+0x12c/0x180 9.27000...
UBUNTU-CVE-2022-50811
In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if zerofsgetextentcompressedlen fails Otherwise, meta buffers could be leaked...
CVE-2022-50811
In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if zerofsgetextentcompressedlen fails Otherwise, meta buffers could be leaked...
CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2025-40241 erofs: fix crafted invalid cases for encoded extents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...
EUVD-2025-13115
Malicious code in bioql PyPI...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2023-52581: netfilter: nftables: fix memleak when more than 255 elements...
CVE-2024-56750 erofs: fix blksize < PAGE_SIZE for file-backed mounts
In the Linux kernel, the following vulnerability has been resolved: erofs: fix blksize sblocksize,bits directly for file-backed mounts when the fs block size is smaller than PAGESIZE. Previously, EROFS used sbsetblocksize, which caused a panic if bdev-backed mounts is not used...
CVE-2024-42300 erofs: fix race in z_erofs_get_gbuf()
In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...