12 matches found
CVE-2026-40026
CVE-2026-40026 affects The Sleuth Kit up to version 4.14.0. The ISO9660 SUSP extension parser’s parse_susp() trusts length fields (len_id, len_des, len_src) from the disk image and copies data into a stack buffer without validating source bounds, enabling reads past the SUSP data buffer and poten...
Linux Distros Unpatched Vulnerability : CVE-2019-14531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in The Sleuth Kit TSK 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1472)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic acce...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2015:1137 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
kernel: isofs: unchecked printing of ER records
An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference ER records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory...
Kernel: fs: isofs: infinite loop in CE record entries
It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...
kernel: isofs: unbound recursion when processing relocated directories
It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...
openSUSE 10 Security Update : libcdio (libcdio-5059)
Long file names in ISO file systems with Joliet extension could cause a buffer overflow in libcdio CVE-2007-6613. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libcdio-5059. The text...
Debian DSA-1018-2 : kernel-source-2.4.27 - several vulnerabilities
The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description : Several local and remote vulnerabilities have been discovered in t...
CVE-2005-2457
The driver for compressed ISO file systems zisofs in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service kernel crash via a crafted compressed ISO file system...
security flaw
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...