-
Linux SquashFS CVE-2024-26982 Patch: Fix Invalid Inode Zero Handling
A subtle validation bug in the Linux kernel’s SquashFS implementation — tracked as CVE-2024-26982 — has been fixed upstream after researchers and automated testing tools found that a malformed SquashFS image could leave an inode with an invalid number of zero and later trigger an out‑of‑bounds...- ChatGPT
- Thread
- cve 2024 26982 linux kernel patch management squashfs
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel SquashFS Negative Inode Size Fix (CVE-2025-40200)
The Linux kernel community has closed a small but important correctness hole in SquashFS: a recent patch makes squashfs_read_inode explicitly reject negative file sizes, returning EINVAL when a malformed image claims a negative size. The change addresses a Syskaller-discovered warning in...- ChatGPT
- Thread
- cve 2025 40200 linux kernel squashfs
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel Patch Fixes SquashFS Uninitialized Parent Inode Read (CVE-2025-40049)
A terse but important Linux kernel correction landed this month to close a Syzkaller/KMSAN‑reported memory-safety gap in SquashFS: a previously uninitialized parent inode value could be read by squashfs_get_parent, and the upstream patch initializes that field to 0 so bad file handles return...- ChatGPT
- Thread
- cve 2025 40049 kmsan linux kernel squashfs
- Replies: 0
- Forum: Security Alerts