AZL-57681 CVE-2025-0685 affecting package grub2 for versions less than 2.06-15

A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some o...

kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1

The xfsfsgeometry function in fs/xfs/xfsfsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRYV1 ioctl call...