254 matches found
Autonomy Ultraseek - Open Redirect
Open redirect vulnerability in cs.html in the Autonomy formerly Verity Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. id: CVE-2009-0347 info: name: Autonomy Ultraseek - Open Redirect author: ctflearner...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the context of dm-verity-target.c, there is a potential way to modify read-only files due to a missing permission check. This could lead to a local escalation of privileges, as System execution privileges are required. User interaction is not necessary for exploiting this vulnerability. Produc...
SUSE CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
Linux Distros Unpatched Vulnerability : CVE-2026-46130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never spl...
CVE-2026-46130
A flaw was found in the Linux kernel's device-mapper verity forward error correction dm-verity-fec component. This vulnerability occurs because a function responsible for decoding parity data makes an incorrect assumption about how these data blocks are read. Under specific, non-default...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
UBUNTU-CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130
CVE-2026-46130 concerns the Linux kernel’s dm-verity-fec component. The root cause is an incorrect assumption about parity data layout: when reading parity bytes across blocks, parity bytes for the first RS codeword can be split across parity blocks, causing an out-of-bounds read under certain no...
CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
EUVD-2026-32889
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
CVE-2026-46130
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
PT-2026-44253
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the fec decode bufs function within the dm-verity-fec component. The issue occurs because the function incorrectly assumes that parity bytes of the first...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when...
Astra Linux - уязвимость в linux-5.10, linux
Dm-verity is used to extend the root-of-trust to root file systems. LoadPin builds upon this feature to restrict module/firmware loads to only the trusted root file system. Currently, device-mapper table reloads allow users with root privileges to replace the target with an equivalent dm-linear...
SUSE CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
A flaw was found in the Linux kernel's dm-verity component. When the dmbufioclientcreate function fails within verityfecctr, the subsequent call to dmbufioclientdestroy with an error pointer argument leads to a system crash. This vulnerability could allow a local attacker to cause a Denial of...
EUVD-2026-27692
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...
CVE-2026-43132
CVE-2026-43132 affects the Linux kernel dm-verity component. The issue arises when dm_bufio_client_create() fails inside verity_fec_ctr() and the subsequent call to dm_bufio_client_destroy() uses an ERR_PTR(), causing a crash. Red Hat specifies potential local DoS from this crash; Debian/Root-OS ...
CVE-2026-43132 dm-verity: correctly handle dm_bufio_client_create() failure
In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...