3 matches found
CVE-2026-32829
lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...
SUSE CVE-2025-40349
In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplusbmapalloc hfsplusbmapalloc can trigger a crash if a record offset or length is larger than nodesize 15.264282 BUG: KASAN: slab-out-of-bounds in hfsplusbmapalloc+0x887/0x8b0 15.265192 Read of...
DEBIAN-CVE-2025-38715
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfsbnoderead This patch introduces isbnodeoffsetvalid method that checks the requested offset value. Also, it introduces checkandcorrectrequestedlength method that checks and correct the requested...