Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 2:12 a.m.8 views

CVE-2026-34961

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

7.7CVSS6AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 9:9 p.m.31 views

CVE-2026-34961 barebox ext4 Extent Parsing Out-of-Bounds Read

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

6.9CVSS0.0021EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 9:9 p.m.18 views

CVE-2026-34961

Barebox before 2026.04.0 has a heap out-of-bounds read in ext4 extent parsing due to missing validation of eh_entries against buffer capacity in fs/ext4/ext4_common.c. An attacker could supply a malicious ext4 image over USB, SD card, or network boot to trigger reads beyond the allocated buffer d...

7.7CVSS6AI score0.0021EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Barebox 缓冲区错误漏洞

Barebox is a versatile and flexible bootloader developed by Barebox Open Source. Versions of Barebox prior to 2026.04.0 contained a buffer error vulnerability. This vulnerability stemmed from the lack of verification of the ehentry fields and buffer capacity during ext4 extent parsing. It could...

7.7CVSS6AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2024/04/28 1:15 p.m.21 views

CVE-2022-48631

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 When walking through an inode extents, the ext4extbinsearchidx function assumes that the extent header has been previously validated. However, there are no checks...

5.5CVSS7.1AI score0.00235EPSS
Exploits0References5
Rows per page
Query Builder