SUSE CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the isofs exportiget function not verifying the block number in the NFS file handle, potentially...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000979)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000979 advisory. The getrockridgefilename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM aka alternate name entries containing \0 characters, which allows...

isofs: Prevent the use of too small fid

...

DEBIAN-CVE-2025-37780

In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofsfhtoparent. 1 The handlebytes value passed in by the reproducing program is equal to 12. In handletopath, only 12 bytes of memory are...

fuseiso: Multiple vulnerabilities

Background FuseISO is a FUSE module to mount ISO filesystem images .iso, .nrg, .bin, .mdf and .img files. Description Multiple vulnerabilities have been discovered in fuseiso. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...

Debian DLA-323-1 : fuseiso security update

The following two issues have recently been fixed in Debian LTS squeeze for the fuseiso package. Issue 1 An integer overflow, leading to a heap-based buffer overflow flaw was found in the way FuseISO, a FUSE module to mount ISO filesystem images, performed reading of certain ZF blocks of particul...

DLA-323-1 fuseiso - security update

Bulletin has no description...

Kernel: fs: isofs: infinite loop in CE record entries

It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...

Kernel: fs: isofs: infinite loop in CE record entries

It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

Linux kernel multiple security vulnerabilities

Privilege escalation via suid-process output redirection, unix sockets privilege escalation, UDF and ISO filesystem drivers information leakage, i915 driver memory corruption, multiple KVM vulnerabilities, ext3 driver privilege escalation, netlink information leakages...