-
CVE-2026-53023
- EPSS 0.17%
- Veröffentlicht 24.06.2026 16:29:32
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fs/ntfs3: terminate the cached volume label after UTF-8 conversion
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfs_fill_super() loads the on-disk volume label with utf16s_to_utf8s() and stores the result in sbi->volume.label. The converted label is later exposed through ntfs3_label_show() using %s, but utf16s_to_utf8s() only returns the number of bytes written and does not add a trailing NUL. If the converted label fills the entire fixed buffer, ntfs3_label_show() can read past the end of sbi->volume.label while looking for a terminator. Terminate the cached label explicitly after a successful conversion and clamp the exact-full case to the last byte of the buffer.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
32b0686369e0afbb3549a0d93e2d8517da84cd30
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
bc7a0c34c4ca259cfddf3bc18fc5b3c6411d26ed
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
0b11fcbe80a59acdf58337d80ebb5f72201d73d6
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
54d564b762389679e2f8fb9eeb20af7e82371e1c
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
6136bbb054f7ab9f51ae99915541633b18bcef90
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
5cd0707b81cb4589f00aec5c4c1288bd0980d2a4
Status
affected
Version
82cae269cfa953032fbb8980a7d554d60fb00b17
Version <
a6cd43fe9b083fa23fe1595666d5738856cb261a
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.15
Status
affected
Version
0
Version <
5.15
Status
unaffected
Version <=
5.15.*
Version
5.15.209
Status
unaffected
Version <=
6.1.*
Version
6.1.175
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.069 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/32b0686369e0afbb3549a0d93e2d8517da84cd30
https://git.kernel.org/stable/c/bc7a0c34c4ca259cfddf3bc18fc5b3c6411d26ed
https://git.kernel.org/stable/c/0b11fcbe80a59acdf58337d80ebb5f72201d73d6
https://git.kernel.org/stable/c/54d564b762389679e2f8fb9eeb20af7e82371e1c
https://git.kernel.org/stable/c/6136bbb054f7ab9f51ae99915541633b18bcef90
https://git.kernel.org/stable/c/5cd0707b81cb4589f00aec5c4c1288bd0980d2a4
https://git.kernel.org/stable/c/a6cd43fe9b083fa23fe1595666d5738856cb261a