562 matches found
USN-8492-3 linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8498-1 linux-nvidia-tegra vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
CVE-2026-6684
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
EUVD-2026-41000
FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it into short fixed buffers without bounds checks, causing overflow. This maps to CWE-120 Buffer Copy...
CVE-2026-6685
FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp->sect - sect < cc). The root cause is an integer underflow (CWE-191) in t...
EUVD-2026-40994
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
CVE-2026-6683
FatFs R0.16 and earlier contains a divide-by-zero in exFAT sync logic bug when crafted metadata causes nfatent - 2 to be zero during write/sync operations. This maps to CWE-369 Divide By Zero. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 4.6, Medium. Network-delivered...
CVE-2026-6683
CVE-2026-6683 describes a divide-by-zero in FatFs exFAT sync for FatFs R0.16 and earlier. The bug arises when crafted metadata causes the expression n_fatent - 2 to be zero during write/sync, mapping to CWE-369 (Divide By Zero). The vulnerability is applicable to FatFs versions ending at R0.16 an...
EUVD-2026-40992
In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mountvolume where fasize = fs-nfats can wrap, leading to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. This maps to CWE-190 Integer Overflow or Wraparound. Estimated CVSS v3.1 vector:...
PT-2026-54928
Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An uninitialized cluster exposure occurs when the f lseek function extends files beyond the end-of-file EOF without zero-filling newly allocated clusters. This issue is a Use of Uninitialized...
PT-2026-54930
Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An issue exists in the handling of long filenames when LFN Long File Name is enabled. The fno.fname variable can contain up to 255 characters, which may lead to a buffer overflow if callers copy thi...
PT-2026-54927
Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An integer underflow occurs during interleaved read and write operations on fragmented filesystems. This issue is caused by an unsigned-subtraction wrap in the f read and f write functions when...
PT-2026-54924
Name of the Vulnerable Software and Affected Versions FatFS versions R0.16 and earlier Description An integer overflow occurs in the mount volume function during FAT32 processing when the operation fasize = fs-n fats wraps. This allows an attacker to control file-size metadata, resulting in unsaf...
PT-2026-54926
Name of the Vulnerable Software and Affected Versions FatFs versions prior to R0.16 Description An issue exists when using GPT scanning with FF LBA64 = 1 where an unbounded loop count is derived from the GPT header field GPTH PtNum. This can lead to extremely long or effectively infinite scans...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Fat: Avoid underflow of the parent link count in rmdir. Corrupted FAT images may cause the directory inode to have an incorrect inlink value e.g., 2, even though subdirectories exist. rmdir then will unconditionally call...
SUSE CVE-2026-45915
In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...
CVE-2026-45915
A flaw was found in the Linux kernel's handling of FAT File Allocation Table filesystems. When processing corrupted FAT images, the rmdir function can incorrectly decrement the parent directory's link count. This underflow can lead to a system instability or a denial of service DoS by triggering ...
CVE-2026-45915
In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...
CVE-2026-45915 fat: avoid parent link count underflow in rmdir
In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...
CVE-2026-45915
In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...