Oracle Linux 9 : kernel (ELSA-2025-9880)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9880 advisory. - Squashfs: fix handling and sanity checking of xattrids count CKI Backport Bot RHEL-93465 CVE-2023-52933 Tenable has extracted the preceding description block...

CVE-2023-52933

CVE-2023-52933 affects the Linux kernel Squashfs xattr_ids handling. Two overflow flaws were exposed by a corrupted filesystem: on 64‑bit systems, sign extension of xattr_ids when multiplied by sizeof(struct squashfs_xattr_id) can overflow and yield an incorrect len; on 32‑bit systems, the unsign...

CVE-2023-52933

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattrids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattrids count in the filesystem. Both of these flaws cause computation...

CVE-2023-52933 Squashfs: fix handling and sanity checking of xattr_ids count

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattrids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattrids count in the filesystem. Both of these flaws cause computation...

GSD-2023-1001856 Squashfs: fix handling and sanity checking of xattr_ids count

Squashfs: fix handling and sanity checking of xattrids count This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...