-
CVE-2026-52992
- EPSS 0.18%
- Veröffentlicht 24.06.2026 16:29:05
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fs/adfs: validate nzones in adfs_validate_bblk()
In the Linux kernel, the following vulnerability has been resolved: fs/adfs: validate nzones in adfs_validate_bblk() Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When nzones is 0, adfs_read_map() passes it to kmalloc_array(0, ...) which returns ZERO_SIZE_PTR, and adfs_map_layout() then writes to dm[-1], causing an out-of-bounds write before the allocated buffer. adfs_validate_dr0() already rejects nzones != 1 for old-format images. Add the equivalent check to adfs_validate_bblk() for new-format images so that a crafted image with nzones == 0 is rejected at probe time. Found by syzkaller.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
33aafd2418a59c96c0389d47ea09026661fa9ec6
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
1f0ed0f57f0fc87e46fe19a05435c214dc464be2
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
6ff8cca5cdb4f2e0ea6d28ecd78479dd3f221ebc
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
a11372a8b1ceaa5e950a84b3b5fbf8228f25e277
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
1586bd2d2fb436a26df20a70e78b000d34a7d159
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
a3fd5dc1c7b0aae947a67dc2e2c037d57557a4de
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
60d82592ac8b5637fbed871381eb0a16df0a492e
Status
affected
Version
f6f14a0d71b0773a1d4147d1a3c33d537cd213ab
Version <
dd9d3e16c2d5fa166e13dce07413be51f42c8f5d
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.6
Status
affected
Version
0
Version <
5.6
Status
unaffected
Version <=
5.10.*
Version
5.10.258
Status
unaffected
Version <=
5.15.*
Version
5.15.209
Status
unaffected
Version <=
6.1.*
Version
6.1.175
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.082 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/33aafd2418a59c96c0389d47ea09026661fa9ec6
https://git.kernel.org/stable/c/1f0ed0f57f0fc87e46fe19a05435c214dc464be2
https://git.kernel.org/stable/c/6ff8cca5cdb4f2e0ea6d28ecd78479dd3f221ebc
https://git.kernel.org/stable/c/a11372a8b1ceaa5e950a84b3b5fbf8228f25e277
https://git.kernel.org/stable/c/1586bd2d2fb436a26df20a70e78b000d34a7d159
https://git.kernel.org/stable/c/a3fd5dc1c7b0aae947a67dc2e2c037d57557a4de
https://git.kernel.org/stable/c/60d82592ac8b5637fbed871381eb0a16df0a492e
https://git.kernel.org/stable/c/dd9d3e16c2d5fa166e13dce07413be51f42c8f5d