CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

CVE-2025-40044

CVE-2025-40044 affects the Linux kernel udf code. The vulnerability arises when parsing Allocation Ext Descriptors: lengthAllocDescs from on-disk data is not validated against the block size, allowing the total descriptor length (sizeof(allocExtDesc) + lengthAllocDescs) to exceed the buffer. This...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unvalidated lengthAllocDescs parameter that could lead to out-of-bounds reads and reuse after release...

Linux Distros Unpatched Vulnerability : CVE-2025-40044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated...