168 matches found
CVE-2026-46303
A flaw was found in the Linux kernel's isofs filesystem. This vulnerability allows a local attacker, by mounting a specially crafted ISO image, to read data beyond the boundaries of the intended ISO 9660 volume. This out-of-bounds read could lead to information disclosure, potentially exposing...
SUSE CVE-2026-46303
In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...
Linux Distros Unpatched Vulnerability : CVE-2026-46303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to...
CVE-2026-46303 isofs: validate Rock Ridge CE continuation extent against volume size
In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...
CVE-2026-46303
In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...
PT-2026-47374
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description The rock continue function in the isofs component reads the rs-cont extent from the Rock Ridge CE record and passes it to sb...
Linux Distros Unpatched Vulnerability : CVE-2026-46124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or...
CVE-2026-46124
A flaw was found in the Linux kernel's isofs filesystem. An authenticated NFS Network File System peer can exploit this vulnerability by providing a specially crafted file handle. This allows the server to read arbitrary in-range blocks on the backing device, leading to information disclosure whe...
CVE-2026-46124
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
UBUNTU-CVE-2026-46124
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
CVE-2026-46124
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
EUVD-2026-32883
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
CVE-2026-46124
CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...
CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...
PT-2026-44247
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The issue exists in the isofs module where isofs fh to dentry and isofs fh to parent pass an attacker-controlled block numbe...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: isofs: Fixed out-of-bound access for corrupted isofs images. When an isofs image is corrupted, isofsread inode can read data beyond the end of the buffer. It is necessary to sanity-check the length of the directory entry befor...
CLSA-2026-1773056241 kernel: Fix of 21 CVEs
i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...
CLSA-2026-1773046740 kernel: Fix of 21 CVEs
i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...
CLSA-2026-1773046198 kernel: Fix of 31 CVEs
smb3: fix for slab out of bounds on mount to ksmbd CVE-2025-38728 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - ALSA: usb-audio: Validate UAC3 power domain descriptors, too CVE-2025-38729 - net: atm: fix /proc/net/atm/lec handling CVE-2025-38180 - tcpbpf:...