Lucene search
K

411 matches found

CVE
CVE
added 4 days ago9 views

CVE-2026-55781

The CVE affects NanaZip (7-Zip derivative) prior to version 6.5.1749.0, specifically the UFS/FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp. The root cause is that superblock considerations validate the block size only against MINBSIZE and do not validate the fs_fsize fragment size, allowing...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS0.00126EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52942

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the f2fs module, the f2fs sbi show function reads extension list, extension count, and hot ext count without holding the sb lock. If a concurrent sysfs store operation modifies the...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References19
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53272

The CVE-2026-53272 issue affects the Linux kernel’s erofs subsystem. A use-after-free on sbi->sync_decompress can occur when z_erofs_endio() queues z_erofs_decompressqueue_work() and, after folios are unlocked, the unmount path completes with sbi freed before sbi->sync_decompress is accesse...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.33 views

CVE-2026-53130 fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START

In the Linux kernel, the following vulnerability has been resolved: fs/omfs: reject ssysblocksize smaller than OMFSDIRSTART omfsfillsuper rejects oversized ssysblocksize values PAGESIZE, but it does not reject values smaller than OMFSDIRSTART 0x1b8 = 440. Later, omfsmakeempty uses sbi-ssysblocksi...

7.8CVSS0.0013EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.20 views

EUVD-2026-38998

In the Linux kernel, the following vulnerability has been resolved: fs/omfs: reject ssysblocksize smaller than OMFSDIRSTART omfsfillsuper rejects oversized ssysblocksize values PAGESIZE, but it does not reject values smaller than OMFSDIRSTART 0x1b8 = 440. Later, omfsmakeempty uses sbi-ssysblocksi...

5.7AI score0.0013EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.17 views

CVE-2026-53130

The CVE-2026-53130 issue affects the Linux kernel OMFS code path (fs/omfs). A crafted filesystem image with s_sys_blocksize b_data + OMFS_DIR_START due to an unsigned underflow. The result can overwrite kernel memory far beyond the backing block buffer. The advisory notes a fix: add a lower-bound...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: minix: Required sanity checking was added to minixchecksuperblock. The fs/minix implementation of the minix file system currently does not support any value for slogzonesize other than 0. This is also the only value supported in...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/20 2:28 a.m.11 views

SUSE CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS5.8AI score0.00105EPSS
Exploits0References3
NVD
NVD
added 2026/06/18 7:16 p.m.14 views

CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS0.00105EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 6:0 p.m.7 views

CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS5.2AI score0.00105EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 6:0 p.m.41 views

CVE-2026-55392

CVE-2026-55392 affects NILFS utilities up to version 2.3.0. The root cause is nilfs_sb_is_valid() not validating s_log_block_size in the NILFS2 superblock before bit-shift operations, enabling undefined behavior from oversized shifts and potential out-of-memory conditions that can crash tools lik...

6.7CVSS5.3AI score0.00105EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.13 views

PT-2026-50777

Name of the Vulnerable Software and Affected Versions NILFS utilities versions prior to 2.3.1 Description The nilfs sb is valid function fails to validate the s log block size field in the NILFS2 superblock before performing bit-shift operations. An attacker can provide crafted NILFS2 images to...

6.7CVSS5.9AI score0.00105EPSS
Exploits0References12
Snyk
Snyk
added 2026/06/05 5:13 p.m.12 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the SquashFS archive handler due to uninitialized memory in the blockToNode array. An attacker can cause denial of service or potentially disclose heap information by providing a crafted SquashFS image...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ext2: Added more validation checks for inode counts. Checks were added to ensure that the number of inodes stored in the superblock matches the number calculated based on the number of inodes per group. It was also verified th...

5.5CVSS6AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A use-after-free flaw was identified due to a race between the superblock operations in the gadgetfs Linux driver. This flaw could be triggered by removing a device that is running the gadgetfs side...

6.4CVSS6.6AI score0.00484EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a shift-out-of-bounds/overflow issue in nilfssb2badoffset. The patch series “nilfs2: Fix UBSAN shift-out-of-bounds warnings during mount time” addresses this issue. The first patch fixes a bug reported by syzbot,...

7.1CVSS6.4AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A shift-out-of-bounds condition has been fixed due to an overly large exponent of the block size. If the slogblocksize field in the superblock data is corrupted and too large, initnilfs and loadnilfs may still trigger a...

5.9AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid resizing to a partial cluster size This patch prevents attempts to resize the filesystem to a cluster boundary that is not an integer multiple of the cluster size. Online resizing to a size that is not integral to the...

5.5CVSS6.2AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed a UAF issue in f2fsinodeinfo in f2fsfreedic. The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after reading, and the kworker responsible for...

7.8CVSS5.3AI score0.00154EPSS
Exploits0References2
Rows per page
Query Builder