937 matches found
PT-2026-47371
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus fill super hfsplus fill super calls hfs find init to initialize a search structure, which acquires tree-tree lock. If the subsequent call to hfsplus cat build key fails, the function jumps ...
CVE-2026-46169
A flaw was found in the Linux kernel's HFS Plus HFS+ filesystem. A local attacker can exploit this vulnerability by mounting a specially crafted, corrupted HFS+ filesystem. The hfsbrecread function fails to validate the size of catalog records, which can lead to the use of uninitialized data. Thi...
CVE-2026-45960
In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks. In the fields nextid, foldercount, and filecount in the super block, the values were expanded to 64 bits, and mechanisms like BUGON were added to detect overflow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Ensure that sb-sfsinfo is always cleaned up. When hfs was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been allocat...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the KMSAN uninit-value issue in hfsfindsetzerobits The syzbot reported an issue in hfsfindsetzerobits: ===================================================== BUG: KMSAN: uninit-value in hfsfindsetzerobits+0x74d/0xb60...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: hfs: Fixed OOB write operations in hfsasc2mac. Syzbot reported a OOB write bug: loop0: A change in capacity was detected, from 0 to 64. =========================================== Bug: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Fix for potential use after free in hfs-correctnextunusedCNID. This code calls hfsbnodeputnode, which decreases the reference count, and then references “node” on the next line. It’s only safe to use “node” when we hold a...
Astra Linux - уязвимость в grub2
GNU GRUB also known as GRUB2 from version 2.12 has a heap-based buffer overflow in the fs/hfs.c file, due to crafted sblock data within an HFS filesystem...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify the inode mode when loading from disk. syzbot reports that the SIFMT bits of the inode-imode field can become invalid when the SIFMT bits of the 16-bit “mode” field loaded from disk are corrupted. According to 1,...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the missing hfsbnodeget function in hfsbnodecreate. Syzbot discovered a kernel bug in hfsbnodeput: Kernel bug at fs/hfs/bnode.c:466! Invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not...
Astra Linux - уязвимость в grub2
A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the issue where fields of hfs inodeinfo were initialized after hfsallocinode Syzbot reports an issue with accessing uninitialized values as follows: loop0: detected a change in capacity from 0 to 64...
Exploit for Code Injection in Rejetto Http_File_Server
!BobXploit Cybersecurityhttps://img.shields.io/badge/BobXplo...
SUSE CVE-2026-43228
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...
CVE-2026-43268
A flaw was found in the HFS Plus hfsplus filesystem within the Linux kernel. This vulnerability occurs because the hfsplus filesystem incorrectly identifies certain special filesystem objects as regular files. This misclassification can lead to inconsistencies with how the operating system's...
CVE-2026-43228
A flaw was found in the Linux kernel HFS component. A local attacker could provide a specially crafted and corrupted Master Directory Block MDB to trigger a kernel panic. This vulnerability, caused by improper error handling of CNID count checks, leads to a system Denial of Service DoS...
EUVD-2026-27787
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...
CVE-2026-43228
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...