References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NIST CWE-476

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.12 up to (excluding) 6.12.2

https://git.kernel.org/stable/c/3a23787ca8756920d65fda39f41353a4be1d1642 No Types Assigned

https://git.kernel.org/stable/c/3a23787ca8756920d65fda39f41353a4be1d1642 Patch

https://git.kernel.org/stable/c/5036f2f024cac40a02ea6ea70de2c3a4407d16bc No Types Assigned

https://git.kernel.org/stable/c/5036f2f024cac40a02ea6ea70de2c3a4407d16bc Patch

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix file-backed mounts over FUSE

syzbot reported a null-ptr-deref in fuse_read_args_fill:
 fuse_read_folio+0xb0/0x100 fs/fuse/file.c:905
 filemap_read_folio+0xc6/0x2a0 mm/filemap.c:2367
 do_read_cache_folio+0x263/0x5c0 mm/filemap.c:3825
 read_mapping_folio include/linux/pagemap.h:1011 [inline]
 erofs_bread+0x34d/0x7e0 fs/erofs/data.c:41
 erofs_read_superblock fs/erofs/super.c:281 [inline]
 erofs_fc_fill_super+0x2b9/0x25

https://git.kernel.org/stable/c/3a23787ca8756920d65fda39f41353a4be1d1642

https://git.kernel.org/stable/c/5036f2f024cac40a02ea6ea70de2c3a4407d16bc