21 matches found
CVE-2026-53023
A flaw was found in the Linux kernel's NTFS3 file system driver. The ntfsfillsuper function, responsible for loading the volume label, did not properly null-terminate the converted UTF-8 label. This oversight could allow the ntfs3labelshow function to read beyond the allocated buffer when...
Linux Distros Unpatched Vulnerability : CVE-2026-53023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in...
EUVD-2026-38891
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...
CVE-2026-53023
CVE-2026-53023 affects Linux kernel ntfs3: ntfs_fill_super() converts the on-disk volume label from UTF-16 to UTF-8 and stores it in sbi->volume.label, but utf16s_to_utf8s() does not append a NUL terminator. If the converted label fills the fixed buffer, ntfs3_label_show() could read past the ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed incorrect early exits in volume label handling. Crafted EROFS images containing valid volume labels may trigger incorrect early returns, resulting in folio reference leaks. However, this does not cause system crashes...
SUSE CVE-2026-43154
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
Linux Distros Unpatched Vulnerability : CVE-2026-43154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing...
EUVD-2026-27717
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
CVE-2026-43154
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
CVE-2026-43154 erofs: fix incorrect early exits in volume label handling
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
CVE-2026-43154
The CVE-2026-43154 issue affects the Linux kernel EROFS filesystem, where crafted EROFS images with valid volume labels trigger incorrect early exits in volume label handling, leading to folio reference leaks. Affected component is the EROFS implementation in the kernel; root cause is improper co...
CVE-2026-43154
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
PT-2026-37494
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Crafted EROFS images containing valid volume labels can trigger incorrect early returns in volume label handling, leading to folio reference leaks. Folio reference leaks occur when the...
EUVD-2018-18538
Malware in sbrugna...
SUSE CVE-2018-6791
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains or $ in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary...
util-linux: User-assisted execution of arbitrary code
Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description It was discovered that the umount bash-completion as provided by util-linux does not escap mount point paths. Impact An attacker controlling a volume label...
DEBIAN-CVE-2018-6791
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains or $ in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary...
Command injection
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains or $ in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary...
MGASA-2015-0393 Updated isodumper package fixes command injection
The volume label text could be injected and executed as a shell command in rawformat.py from isodumper...
Updated isodumper package fixes command injection
The volume label text could be injected and executed as a shell command in rawformat.py from isodumper...