linux kernel udf

About this tag
The Linux kernel UDF tag covers security vulnerabilities and fixes related to the Universal Disk Format (UDF) filesystem implementation in the Linux kernel. Recent content highlights a specific patch addressing an out-of-bounds read vulnerability (CVE-2025-40044) in the UDF parser. This flaw could be triggered by malformed Allocation Extent Descriptors, leading to a use-after-free condition detected by KASAN. The fix prevents crc_itu_t from being invoked on memory outside the descriptor buffer. UDF is commonly used for optical media, disk images, and removable storage, making kernel-level stability and security critical for systems relying on these formats.
  1. Linux Kernel UDF Patch Defends Against Out-of-Bounds Reads (CVE-2025-40044)

    The Linux kernel received a targeted fix for an out‑of‑bounds read in the UDF filesystem parser — a small defensive change that closes a KASAN‑reported use‑after‑free triggered by malformed Allocation Extent Descriptors and prevents crc_itu_t from being invoked on memory outside the descriptor...