21 matches found
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: sanity check for symbolic link sizes Syzkaller reports a bug named “KMSAN: uninit-value in pick_link”. This issue is caused by an uninitialized page, which ultimately results from reading a corrupted symbolic link siz...
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check that the inode number is not the invalid value of zero. Syzkaller has identified an out-of-bounds access in the fill_meta_index function. This out-of-bounds access occurs because the inode has an inode number of zer...
kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation
A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...
kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation
A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...
Linux Distros Unpatched Vulnerability : CVE-2025-40049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a KMSAN: uninit-value in squashfs_get_parent bug. This is caused by open_by_handle_at being called...
ROS-20251022-06
Vulnerability of amdgpu_hmm_register function in drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c driver module amdgpu of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the...
EUVD-2012-3968
Malware in sbrugna...
EUVD-2025-22672
Malicious code in bioql PyPI...
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.
...
Linux Distros Unpatched Vulnerability : CVE-2023-52933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the...
CVE-2025-38415 Squashfs: check return result of sb_min_blocksize
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl("/dev/loop0...
ALSA-2025:9880 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Squashfs: fix handling and sanity checking of xattr_ids count CVE-2023-52933 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
CVE-2023-52979
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-52979
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-52933
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these flaws cause computation...
CVE-2023-52933 Squashfs: fix handling and sanity checking of xattr_ids count
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these flaws cause computation...
CVE-2023-52933
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these flaws cause computation...
SUSE CVE-2006-5701
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem...
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow...
CVE-2012-4024
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file...