cve 2024 26982

About this tag
CVE-2024-26982 is a Linux kernel vulnerability in the SquashFS filesystem implementation. A malformed SquashFS image can cause an invalid inode with a zero number, leading to an out-of-bounds access. This flaw is primarily local and can result in system crashes (denial of service) and potential information exposure. The recommended remediation is to apply vendor-provided kernel updates or disable SquashFS if not needed. WindowsForum.com discussions focus on the technical details of the patch and mitigation strategies for Linux systems.
  1. Linux SquashFS CVE-2024-26982 Patch: Fix Invalid Inode Zero Handling

    A subtle validation bug in the Linux kernel’s SquashFS implementation — tracked as CVE-2024-26982 — has been fixed upstream after researchers and automated testing tools found that a malformed SquashFS image could leave an inode with an invalid number of zero and later trigger an out‑of‑bounds...