924 matches found
SUSE CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...
EUVD-2026-32287
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
UBUNTU-CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
The CVE-2026-45991 entry concerns the Linux kernel UDF filesystem. The root cause is in handle_partition_descriptor() where partition descriptors are deduplicated by partition number, but appended slots do not record partnum, allowing repeated Partition Descriptors to accumulate and grow num_part...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of recording the partition number when the udf partition descriptor is attached. This...
Linux Distros Unpatched Vulnerability : CVE-2026-45991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in...
PT-2026-43858
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in part descs loc. handle partition descriptor deduplicates entries by...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents. When merging very long extents, we try to assign as much length as possible to the first extent. However, this is unnecessarily complicated and not really worth the effort. Moreover,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udf: Fixed NULL pointer dereferencing in the udfsymlink function. In the udfsymlink function, epos.bh is assigned the value returned by udftgetblk. The udftgetblk function is defined in udf/misc.c and returns the value of the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double calls to brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free a free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call trace:...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffers. When the filesystem’s block bitmap is corrupted, we detect the corruption while loading the bitmap. As a result, allocation attempts fail with an error. However, the next allocatio...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udf: The use of uninit-value in udfgetfileshortad has been fixed. A check for overflow was added when calculating alen in udfcurrentaext, to mitigate potential issues with uninit-value usage in udfgetfileshortad. This addresses a...
CLSA-2026-1778276927 kernel: Fix of 33 CVEs
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udffindentry Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ================================================================== BUG: KASAN:...
Astra Linux - уязвимость в linux, linux-5.10
A flaw involving a null pointer dereference was discovered in the Linux kernel’s UDF file system functionality. This flaw allows a malicious UDF image to trigger the udffilewriteiter function. A local user could exploit this flaw to crash the system. The flaw is present in the Linux kernel versio...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we cannot safely inde...
Astra Linux - уязвимость в linux-5.15
A flaw in memory writing within the Linux kernel’s UDF file system functionality was discovered. This flaw allows a user to trigger certain file operations, which in turn triggers udfwritefi. A local user could exploit this flaw to crash the system or potentially cause other malicious actions...