5 matches found
Astra Linux - ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: erofs: The issue of generating a order = MAXORDER warning due to an intentionally crafted negative isize has been fixed. As reported by syzbot 1, the root cause is that the isize field is a signed type, and a negative isize value...
EUVD-2022-55542
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-50313
In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...
CVE-2022-50313 erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...
CVE-2022-50313
Summary: CVE-2022-50313 affects the Linux kernel (EROF S subsystem). The root cause is that the i_size field is signed; crafted negative i_size can be interpreted as a fast symlink, triggering an order = MAX_ORDER warning. The fix changes the handling to fall back to the generic path for such unu...