-

CVE-2026-52992

fs/adfs: validate nzones in adfs_validate_bblk()

In the Linux kernel, the following vulnerability has been resolved:

fs/adfs: validate nzones in adfs_validate_bblk()

Reject ADFS disc records with a zero zone count during boot block
validation, before the disc record is used.

When nzones is 0, adfs_read_map() passes it to kmalloc_array(0, ...)
which returns ZERO_SIZE_PTR, and adfs_map_layout() then writes to
dm[-1], causing an out-of-bounds write before the allocated buffer.

adfs_validate_dr0() already rejects nzones != 1 for old-format
images.  Add the equivalent check to adfs_validate_bblk() for
new-format images so that a crafted image with nzones == 0 is
rejected at probe time.

Found by syzkaller.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < 33aafd2418a59c96c0389d47ea09026661fa9ec6
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < 1f0ed0f57f0fc87e46fe19a05435c214dc464be2
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < 6ff8cca5cdb4f2e0ea6d28ecd78479dd3f221ebc
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < a11372a8b1ceaa5e950a84b3b5fbf8228f25e277
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < 1586bd2d2fb436a26df20a70e78b000d34a7d159
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < a3fd5dc1c7b0aae947a67dc2e2c037d57557a4de
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < 60d82592ac8b5637fbed871381eb0a16df0a492e
Status affected
Version f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version < dd9d3e16c2d5fa166e13dce07413be51f42c8f5d
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.6
Status affected
Version 0
Version < 5.6
Status unaffected
Version <= 5.10.*
Version 5.10.258
Status unaffected
Version <= 5.15.*
Version 5.15.209
Status unaffected
Version <= 6.1.*
Version 6.1.175
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.082
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/33aafd2418a59c96c0389d47ea09026661fa9ec6
https://git.kernel.org/stable/c/1f0ed0f57f0fc87e46fe19a05435c214dc464be2
https://git.kernel.org/stable/c/6ff8cca5cdb4f2e0ea6d28ecd78479dd3f221ebc
https://git.kernel.org/stable/c/a11372a8b1ceaa5e950a84b3b5fbf8228f25e277
https://git.kernel.org/stable/c/1586bd2d2fb436a26df20a70e78b000d34a7d159
https://git.kernel.org/stable/c/a3fd5dc1c7b0aae947a67dc2e2c037d57557a4de
https://git.kernel.org/stable/c/60d82592ac8b5637fbed871381eb0a16df0a492e
https://git.kernel.org/stable/c/dd9d3e16c2d5fa166e13dce07413be51f42c8f5d