10 matches found
CVE-2022-50739
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values
A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...
PT-2026-2501
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2+ 721 Description An issue exists in the Linux kernel's F2FS filesystem implementation where an incorrect return value from the f2fs recover fsync data function can lead to a kernel panic. Specifically,...
kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values
A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...
SUSE CVE-2018-10876
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and operating a crafted ext4 image...
Vulnerability of functions f2fs_build_segment_manager and init_min_max_mtime in Linux kernel, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability of the f2fsbuildsegmentmanager function in the Linux kernel’s fs/f2fs/segment.c file, as well as the initminmaxmtime function in the same file, relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to compromise the...
DEBIAN-CVE-2019-19814
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...
DEBIAN-CVE-2019-19377
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...
kernel: EXT4 memory corruption / SLAB out-of-bounds read
Mounting a crafted EXT4 image read-only leads to an attacker controlled memory corruption and SLAB-Out-of-Bounds reads...
MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability
Summary A specially crafted HFS+ filesystem in a DMG image can cause the dohfstruncate function to panic the kernel denial of service, when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+...