5.5

CVE-2026-43179

erofs: fix incorrect early exits for invalid metabox-enabled images

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix incorrect early exits for invalid metabox-enabled images

Crafted EROFS images with metadata compression enabled can trigger
incorrect early returns, leading to folio reference leaks.

However, this does not cause system crashes or other severe issues.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.17 < 6.18.16
LinuxLinux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.026
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/041b5163bb9b2e81050bcd885b3373bf2f42d5f5
Patch
https://git.kernel.org/stable/c/56e4a84220045b6af0f1efc11825b39217c7decf
Patch
https://git.kernel.org/stable/c/643575d5a4f24b23b0c54aa20aa74a4abed8ff5e
Patch