CVE-2022-50739

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

PT-2026-2501

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2+ 721 Description An issue exists in the Linux kernel's F2FS filesystem implementation where an incorrect return value from the f2fs recover fsync data function can lead to a kernel panic. Specifically,...

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

SUSE CVE-2018-10876

A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and operating a crafted ext4 image...

DEBIAN-CVE-2019-19814

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...

DEBIAN-CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...

kernel: EXT4 memory corruption / SLAB out-of-bounds read

Mounting a crafted EXT4 image read-only leads to an attacker controlled memory corruption and SLAB-Out-of-Bounds reads...

MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability

Summary A specially crafted HFS+ filesystem in a DMG image can cause the dohfstruncate function to panic the kernel denial of service, when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+...