Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:nilfs2: fix potential oob read in nilfs_btree_check_delete()The function nilfs_btree_check_delete(), which checks whether degenerationto direct mapping occurs before deleting a b-tree entry, causes memoryaccess outside the block buffer when retrieving the maximum key if theroot node has no entries.This does not usually happen because b-tree mappings with 0 child nodesare never created by mkfs.nilfs2 or nilfs2 itself. However, it can happenif the b-tree root node read from a device is configured that way, so fixthis potential issue by adding a check for that case.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security