13 matches found
CVE-2022-50811 erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if zerofsgetextentcompressedlen fails Otherwise, meta buffers could be leaked...
SUSE CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
EUVD-2022-55815
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
UBUNTU-CVE-2022-50746
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50746 erofs: validate the extent length for uncompressed pclusters
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50746 erofs: validate the extent length for uncompressed pclusters
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...
CVE-2022-50746
CVE-2022-50746 affects the Linux kernel’s erofs module. The issue was improper validation of the extent length for uncompressed pclusters, triggering a KASAN use-after-free reported by syzkaller. The fuzzed image showed two issues: m_pa == 0 for a non-inlined pcluster and a logical length longer ...
Linux Distros Unpatched Vulnerability : CVE-2022-50746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free:...
PT-2025-53112
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the extent length for uncompressed pclusters is not validated, potentially leading to a use-after-free condition. This was identified through...
CVE-2024-49884 ext4: fix slab-use-after-free in ext4_split_extent_at()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4splitextentat We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of...
GSD-2023-1000816 erofs: validate the extent length for uncompressed pclusters
erofs: validate the extent length for uncompressed pclusters This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...