Lucene search
+L

168 matches found

redhatcve
redhatcve
added 2026/06/23 7:53 p.m.13 views

CVE-2026-46303

A flaw was found in the Linux kernel's isofs filesystem. This vulnerability allows a local attacker, by mounting a specially crafted ISO image, to read data beyond the boundaries of the intended ISO 9660 volume. This out-of-bounds read could lead to information disclosure, potentially exposing...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References4
susecve
susecve
added 2026/06/09 2:20 a.m.12 views

SUSE CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

2.5CVSS5.6AI score0.00278EPSS
Exploits0References3
nessus
nessus
added 2026/06/09 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to...

8.2CVSS6.1AI score0.00278EPSS
Exploits0References3
osv
osv
added 2026/06/08 3:46 p.m.2 views

CVE-2026-46303 isofs: validate Rock Ridge CE continuation extent against volume size

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

8.2CVSS6AI score0.00278EPSS
Exploits0References11
attackerkb
attackerkb
added 2026/06/08 3:46 p.m.8 views

CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

5.5AI score0.00278EPSS
Exploits0References9Affected Software1
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.14 views

PT-2026-47374

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description The rock continue function in the isofs component reads the rs-cont extent from the Rock Ridge CE record and passes it to sb...

9.1CVSS5.4AI score0.00457EPSS
Exploits1References67
nessus
nessus
added 2026/05/29 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2026-46124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or...

7.5CVSS6.8AI score0.00425EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/28 9:12 p.m.16 views

CVE-2026-46124

A flaw was found in the Linux kernel's isofs filesystem. An authenticated NFS Network File System peer can exploit this vulnerability by providing a specially crafted file handle. This allows the server to read arbitrary in-range blocks on the backing device, leading to information disclosure whe...

7.5CVSS5.9AI score0.00425EPSS
Exploits0References4
nvd
nvd
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS0.00425EPSS
Exploits0References8
osv
osv
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS5.7AI score0.00425EPSS
Exploits0References8
attackerkb
attackerkb
added 2026/05/28 9:35 a.m.33 views

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS6.2AI score0.00425EPSS
Exploits0References9Affected Software1
euvd
euvd
added 2026/05/28 9:35 a.m.18 views

EUVD-2026-32883

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.1CVSS6.4AI score0.00425EPSS
Exploits0References5
cve
cve
added 2026/05/28 9:35 a.m.68 views

CVE-2026-46124

CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/05/28 9:35 a.m.2 views

CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References11
cvelist
cvelist
added 2026/05/28 9:35 a.m.36 views

CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS0.00425EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/05/28 12:0 a.m.20 views

PT-2026-44247

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The issue exists in the isofs module where isofs fh to dentry and isofs fh to parent pass an attacker-controlled block numbe...

7.5CVSS5.9AI score0.00425EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: isofs: Fixed out-of-bound access for corrupted isofs images. When an isofs image is corrupted, isofsread inode can read data beyond the end of the buffer. It is necessary to sanity-check the length of the directory entry befor...

5.5CVSS5.5AI score0.00234EPSS
Exploits0References2
osv
osv
added 2026/03/09 11:37 a.m.9 views

CLSA-2026-1773056241 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
osv
osv
added 2026/03/09 8:59 a.m.12 views

CLSA-2026-1773046740 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
osv
osv
added 2026/03/09 8:50 a.m.16 views

CLSA-2026-1773046198 kernel: Fix of 31 CVEs

smb3: fix for slab out of bounds on mount to ksmbd CVE-2025-38728 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - ALSA: usb-audio: Validate UAC3 power domain descriptors, too CVE-2025-38729 - net: atm: fix /proc/net/atm/lec handling CVE-2025-38180 - tcpbpf:...

7.8CVSS7AI score0.0033EPSS
Exploits3References1
Rows per page
Query Builder