CVE-2025-40088 (GCVE-0-2025-40088)

Vulnerability from cvelistv5 – Published: 2025-10-30 09:47 – Updated: 2026-05-11 21:42
VLAI
Title
hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()
Summary
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 117.318353][ T9855] BUG: KASAN: slab-out-of-bounds in hfsplus_strcasecmp+0x1bc/0x490 [ 117.318991][ T9855] Read of size 2 at addr ffff88802160f40c by task repro/9855 [ 117.319577][ T9855] [ 117.319773][ T9855] CPU: 0 UID: 0 PID: 9855 Comm: repro Not tainted 6.17.0-rc6 #33 PREEMPT(full) [ 117.319780][ T9855] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 117.319783][ T9855] Call Trace: [ 117.319785][ T9855] <TASK> [ 117.319788][ T9855] dump_stack_lvl+0x1c1/0x2a0 [ 117.319795][ T9855] ? __virt_addr_valid+0x1c8/0x5c0 [ 117.319803][ T9855] ? __pfx_dump_stack_lvl+0x10/0x10 [ 117.319808][ T9855] ? rcu_is_watching+0x15/0xb0 [ 117.319816][ T9855] ? lock_release+0x4b/0x3e0 [ 117.319821][ T9855] ? __kasan_check_byte+0x12/0x40 [ 117.319828][ T9855] ? __virt_addr_valid+0x1c8/0x5c0 [ 117.319835][ T9855] ? __virt_addr_valid+0x4a5/0x5c0 [ 117.319842][ T9855] print_report+0x17e/0x7e0 [ 117.319848][ T9855] ? __virt_addr_valid+0x1c8/0x5c0 [ 117.319855][ T9855] ? __virt_addr_valid+0x4a5/0x5c0 [ 117.319862][ T9855] ? __phys_addr+0xd3/0x180 [ 117.319869][ T9855] ? hfsplus_strcasecmp+0x1bc/0x490 [ 117.319876][ T9855] kasan_report+0x147/0x180 [ 117.319882][ T9855] ? hfsplus_strcasecmp+0x1bc/0x490 [ 117.319891][ T9855] hfsplus_strcasecmp+0x1bc/0x490 [ 117.319900][ T9855] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 117.319906][ T9855] hfs_find_rec_by_key+0xa9/0x1e0 [ 117.319913][ T9855] __hfsplus_brec_find+0x18e/0x470 [ 117.319920][ T9855] ? __pfx_hfsplus_bnode_find+0x10/0x10 [ 117.319926][ T9855] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 117.319933][ T9855] ? __pfx___hfsplus_brec_find+0x10/0x10 [ 117.319942][ T9855] hfsplus_brec_find+0x28f/0x510 [ 117.319949][ T9855] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 117.319956][ T9855] ? __pfx_hfsplus_brec_find+0x10/0x10 [ 117.319963][ T9855] ? __kmalloc_noprof+0x2a9/0x510 [ 117.319969][ T9855] ? hfsplus_find_init+0x8c/0x1d0 [ 117.319976][ T9855] hfsplus_brec_read+0x2b/0x120 [ 117.319983][ T9855] hfsplus_lookup+0x2aa/0x890 [ 117.319990][ T9855] ? __pfx_hfsplus_lookup+0x10/0x10 [ 117.320003][ T9855] ? d_alloc_parallel+0x2f0/0x15e0 [ 117.320008][ T9855] ? __lock_acquire+0xaec/0xd80 [ 117.320013][ T9855] ? __pfx_d_alloc_parallel+0x10/0x10 [ 117.320019][ T9855] ? __raw_spin_lock_init+0x45/0x100 [ 117.320026][ T9855] ? __init_waitqueue_head+0xa9/0x150 [ 117.320034][ T9855] __lookup_slow+0x297/0x3d0 [ 117.320039][ T9855] ? __pfx___lookup_slow+0x10/0x10 [ 117.320045][ T9855] ? down_read+0x1ad/0x2e0 [ 117.320055][ T9855] lookup_slow+0x53/0x70 [ 117.320065][ T9855] walk_component+0x2f0/0x430 [ 117.320073][ T9855] path_lookupat+0x169/0x440 [ 117.320081][ T9855] filename_lookup+0x212/0x590 [ 117.320089][ T9855] ? __pfx_filename_lookup+0x10/0x10 [ 117.320098][ T9855] ? strncpy_from_user+0x150/0x290 [ 117.320105][ T9855] ? getname_flags+0x1e5/0x540 [ 117.320112][ T9855] user_path_at+0x3a/0x60 [ 117.320117][ T9855] __x64_sys_umount+0xee/0x160 [ 117.320123][ T9855] ? __pfx___x64_sys_umount+0x10/0x10 [ 117.320129][ T9855] ? do_syscall_64+0xb7/0x3a0 [ 117.320135][ T9855] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.320141][ T9855] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.320145][ T9855] do_syscall_64+0xf3/0x3a0 [ 117.320150][ T9855] ? exc_page_fault+0x9f/0xf0 [ 117.320154][ T9855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.320158][ T9855] RIP: 0033:0x7f7dd7908b07 [ 117.320163][ T9855] Code: 23 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 08 [ 117.320167][ T9855] RSP: 002b:00007ffd5ebd9698 EFLAGS: 00000202 ---truncated---
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 603158d4efa98a13a746bd586c20f194f4a31ec8 (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < ef250c3edd995d7bb5a5e5122ffad1c28a8686eb (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 7ab44236b32ed41eb0636797e8e8e885a2f3b18a (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < b47a75b6f762321f9eb6f31aab7bce47a37063b7 (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 4f5ab4a9c6abd8b0d713cc2b7b041bc10d70f241 (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 586c75dfd1d265c4150f6529debb85c9d62e101f (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 4bc081ba6c52b0c88c92701e3fbc33c7e2277afb (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 42520df65bf67189541a425f7d36b0b3e7bd7844 (git)
Create a notification for this product.
Linux Linux Affected: 2.6.12
Unaffected: 0 , < 2.6.12 (semver)
Unaffected: 5.4.301 , ≤ 5.4.* (semver)
Unaffected: 5.10.246 , ≤ 5.10.* (semver)
Unaffected: 5.15.196 , ≤ 5.15.* (semver)
Unaffected: 6.1.158 , ≤ 6.1.* (semver)
Unaffected: 6.6.114 , ≤ 6.6.* (semver)
Unaffected: 6.12.55 , ≤ 6.12.* (semver)
Unaffected: 6.17.5 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/hfsplus/unicode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "603158d4efa98a13a746bd586c20f194f4a31ec8",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "ef250c3edd995d7bb5a5e5122ffad1c28a8686eb",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "7ab44236b32ed41eb0636797e8e8e885a2f3b18a",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "b47a75b6f762321f9eb6f31aab7bce47a37063b7",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4f5ab4a9c6abd8b0d713cc2b7b041bc10d70f241",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "586c75dfd1d265c4150f6529debb85c9d62e101f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4bc081ba6c52b0c88c92701e3fbc33c7e2277afb",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "42520df65bf67189541a425f7d36b0b3e7bd7844",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/hfsplus/unicode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.301",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.246",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.196",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.158",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.114",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.301",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.246",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.196",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.158",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.114",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.55",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.5",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()\n\nThe hfsplus_strcasecmp() logic can trigger the issue:\n\n[  117.317703][ T9855] ==================================================================\n[  117.318353][ T9855] BUG: KASAN: slab-out-of-bounds in hfsplus_strcasecmp+0x1bc/0x490\n[  117.318991][ T9855] Read of size 2 at addr ffff88802160f40c by task repro/9855\n[  117.319577][ T9855]\n[  117.319773][ T9855] CPU: 0 UID: 0 PID: 9855 Comm: repro Not tainted 6.17.0-rc6 #33 PREEMPT(full)\n[  117.319780][ T9855] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[  117.319783][ T9855] Call Trace:\n[  117.319785][ T9855]  \u003cTASK\u003e\n[  117.319788][ T9855]  dump_stack_lvl+0x1c1/0x2a0\n[  117.319795][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\n[  117.319803][ T9855]  ? __pfx_dump_stack_lvl+0x10/0x10\n[  117.319808][ T9855]  ? rcu_is_watching+0x15/0xb0\n[  117.319816][ T9855]  ? lock_release+0x4b/0x3e0\n[  117.319821][ T9855]  ? __kasan_check_byte+0x12/0x40\n[  117.319828][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\n[  117.319835][ T9855]  ? __virt_addr_valid+0x4a5/0x5c0\n[  117.319842][ T9855]  print_report+0x17e/0x7e0\n[  117.319848][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\n[  117.319855][ T9855]  ? __virt_addr_valid+0x4a5/0x5c0\n[  117.319862][ T9855]  ? __phys_addr+0xd3/0x180\n[  117.319869][ T9855]  ? hfsplus_strcasecmp+0x1bc/0x490\n[  117.319876][ T9855]  kasan_report+0x147/0x180\n[  117.319882][ T9855]  ? hfsplus_strcasecmp+0x1bc/0x490\n[  117.319891][ T9855]  hfsplus_strcasecmp+0x1bc/0x490\n[  117.319900][ T9855]  ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10\n[  117.319906][ T9855]  hfs_find_rec_by_key+0xa9/0x1e0\n[  117.319913][ T9855]  __hfsplus_brec_find+0x18e/0x470\n[  117.319920][ T9855]  ? __pfx_hfsplus_bnode_find+0x10/0x10\n[  117.319926][ T9855]  ? __pfx_hfs_find_rec_by_key+0x10/0x10\n[  117.319933][ T9855]  ? __pfx___hfsplus_brec_find+0x10/0x10\n[  117.319942][ T9855]  hfsplus_brec_find+0x28f/0x510\n[  117.319949][ T9855]  ? __pfx_hfs_find_rec_by_key+0x10/0x10\n[  117.319956][ T9855]  ? __pfx_hfsplus_brec_find+0x10/0x10\n[  117.319963][ T9855]  ? __kmalloc_noprof+0x2a9/0x510\n[  117.319969][ T9855]  ? hfsplus_find_init+0x8c/0x1d0\n[  117.319976][ T9855]  hfsplus_brec_read+0x2b/0x120\n[  117.319983][ T9855]  hfsplus_lookup+0x2aa/0x890\n[  117.319990][ T9855]  ? __pfx_hfsplus_lookup+0x10/0x10\n[  117.320003][ T9855]  ? d_alloc_parallel+0x2f0/0x15e0\n[  117.320008][ T9855]  ? __lock_acquire+0xaec/0xd80\n[  117.320013][ T9855]  ? __pfx_d_alloc_parallel+0x10/0x10\n[  117.320019][ T9855]  ? __raw_spin_lock_init+0x45/0x100\n[  117.320026][ T9855]  ? __init_waitqueue_head+0xa9/0x150\n[  117.320034][ T9855]  __lookup_slow+0x297/0x3d0\n[  117.320039][ T9855]  ? __pfx___lookup_slow+0x10/0x10\n[  117.320045][ T9855]  ? down_read+0x1ad/0x2e0\n[  117.320055][ T9855]  lookup_slow+0x53/0x70\n[  117.320065][ T9855]  walk_component+0x2f0/0x430\n[  117.320073][ T9855]  path_lookupat+0x169/0x440\n[  117.320081][ T9855]  filename_lookup+0x212/0x590\n[  117.320089][ T9855]  ? __pfx_filename_lookup+0x10/0x10\n[  117.320098][ T9855]  ? strncpy_from_user+0x150/0x290\n[  117.320105][ T9855]  ? getname_flags+0x1e5/0x540\n[  117.320112][ T9855]  user_path_at+0x3a/0x60\n[  117.320117][ T9855]  __x64_sys_umount+0xee/0x160\n[  117.320123][ T9855]  ? __pfx___x64_sys_umount+0x10/0x10\n[  117.320129][ T9855]  ? do_syscall_64+0xb7/0x3a0\n[  117.320135][ T9855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  117.320141][ T9855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  117.320145][ T9855]  do_syscall_64+0xf3/0x3a0\n[  117.320150][ T9855]  ? exc_page_fault+0x9f/0xf0\n[  117.320154][ T9855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  117.320158][ T9855] RIP: 0033:0x7f7dd7908b07\n[  117.320163][ T9855] Code: 23 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 08\n[  117.320167][ T9855] RSP: 002b:00007ffd5ebd9698 EFLAGS: 00000202 \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:42:16.856Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/603158d4efa98a13a746bd586c20f194f4a31ec8"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef250c3edd995d7bb5a5e5122ffad1c28a8686eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ab44236b32ed41eb0636797e8e8e885a2f3b18a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b47a75b6f762321f9eb6f31aab7bce47a37063b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f5ab4a9c6abd8b0d713cc2b7b041bc10d70f241"
        },
        {
          "url": "https://git.kernel.org/stable/c/586c75dfd1d265c4150f6529debb85c9d62e101f"
        },
        {
          "url": "https://git.kernel.org/stable/c/4bc081ba6c52b0c88c92701e3fbc33c7e2277afb"
        },
        {
          "url": "https://git.kernel.org/stable/c/42520df65bf67189541a425f7d36b0b3e7bd7844"
        }
      ],
      "title": "hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-40088",
    "datePublished": "2025-10-30T09:47:57.333Z",
    "dateReserved": "2025-04-16T07:20:57.162Z",
    "dateUpdated": "2026-05-11T21:42:16.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-40088",
      "date": "2026-06-05",
      "epss": "0.00062",
      "percentile": "0.19691"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-40088\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-30T10:15:33.343\",\"lastModified\":\"2025-10-30T15:03:13.440\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nhfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()\\n\\nThe hfsplus_strcasecmp() logic can trigger the issue:\\n\\n[  117.317703][ T9855] ==================================================================\\n[  117.318353][ T9855] BUG: KASAN: slab-out-of-bounds in hfsplus_strcasecmp+0x1bc/0x490\\n[  117.318991][ T9855] Read of size 2 at addr ffff88802160f40c by task repro/9855\\n[  117.319577][ T9855]\\n[  117.319773][ T9855] CPU: 0 UID: 0 PID: 9855 Comm: repro Not tainted 6.17.0-rc6 #33 PREEMPT(full)\\n[  117.319780][ T9855] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\\n[  117.319783][ T9855] Call Trace:\\n[  117.319785][ T9855]  \u003cTASK\u003e\\n[  117.319788][ T9855]  dump_stack_lvl+0x1c1/0x2a0\\n[  117.319795][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\\n[  117.319803][ T9855]  ? __pfx_dump_stack_lvl+0x10/0x10\\n[  117.319808][ T9855]  ? rcu_is_watching+0x15/0xb0\\n[  117.319816][ T9855]  ? lock_release+0x4b/0x3e0\\n[  117.319821][ T9855]  ? __kasan_check_byte+0x12/0x40\\n[  117.319828][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\\n[  117.319835][ T9855]  ? __virt_addr_valid+0x4a5/0x5c0\\n[  117.319842][ T9855]  print_report+0x17e/0x7e0\\n[  117.319848][ T9855]  ? __virt_addr_valid+0x1c8/0x5c0\\n[  117.319855][ T9855]  ? __virt_addr_valid+0x4a5/0x5c0\\n[  117.319862][ T9855]  ? __phys_addr+0xd3/0x180\\n[  117.319869][ T9855]  ? hfsplus_strcasecmp+0x1bc/0x490\\n[  117.319876][ T9855]  kasan_report+0x147/0x180\\n[  117.319882][ T9855]  ? hfsplus_strcasecmp+0x1bc/0x490\\n[  117.319891][ T9855]  hfsplus_strcasecmp+0x1bc/0x490\\n[  117.319900][ T9855]  ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10\\n[  117.319906][ T9855]  hfs_find_rec_by_key+0xa9/0x1e0\\n[  117.319913][ T9855]  __hfsplus_brec_find+0x18e/0x470\\n[  117.319920][ T9855]  ? __pfx_hfsplus_bnode_find+0x10/0x10\\n[  117.319926][ T9855]  ? __pfx_hfs_find_rec_by_key+0x10/0x10\\n[  117.319933][ T9855]  ? __pfx___hfsplus_brec_find+0x10/0x10\\n[  117.319942][ T9855]  hfsplus_brec_find+0x28f/0x510\\n[  117.319949][ T9855]  ? __pfx_hfs_find_rec_by_key+0x10/0x10\\n[  117.319956][ T9855]  ? __pfx_hfsplus_brec_find+0x10/0x10\\n[  117.319963][ T9855]  ? __kmalloc_noprof+0x2a9/0x510\\n[  117.319969][ T9855]  ? hfsplus_find_init+0x8c/0x1d0\\n[  117.319976][ T9855]  hfsplus_brec_read+0x2b/0x120\\n[  117.319983][ T9855]  hfsplus_lookup+0x2aa/0x890\\n[  117.319990][ T9855]  ? __pfx_hfsplus_lookup+0x10/0x10\\n[  117.320003][ T9855]  ? d_alloc_parallel+0x2f0/0x15e0\\n[  117.320008][ T9855]  ? __lock_acquire+0xaec/0xd80\\n[  117.320013][ T9855]  ? __pfx_d_alloc_parallel+0x10/0x10\\n[  117.320019][ T9855]  ? __raw_spin_lock_init+0x45/0x100\\n[  117.320026][ T9855]  ? __init_waitqueue_head+0xa9/0x150\\n[  117.320034][ T9855]  __lookup_slow+0x297/0x3d0\\n[  117.320039][ T9855]  ? __pfx___lookup_slow+0x10/0x10\\n[  117.320045][ T9855]  ? down_read+0x1ad/0x2e0\\n[  117.320055][ T9855]  lookup_slow+0x53/0x70\\n[  117.320065][ T9855]  walk_component+0x2f0/0x430\\n[  117.320073][ T9855]  path_lookupat+0x169/0x440\\n[  117.320081][ T9855]  filename_lookup+0x212/0x590\\n[  117.320089][ T9855]  ? __pfx_filename_lookup+0x10/0x10\\n[  117.320098][ T9855]  ? strncpy_from_user+0x150/0x290\\n[  117.320105][ T9855]  ? getname_flags+0x1e5/0x540\\n[  117.320112][ T9855]  user_path_at+0x3a/0x60\\n[  117.320117][ T9855]  __x64_sys_umount+0xee/0x160\\n[  117.320123][ T9855]  ? __pfx___x64_sys_umount+0x10/0x10\\n[  117.320129][ T9855]  ? do_syscall_64+0xb7/0x3a0\\n[  117.320135][ T9855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n[  117.320141][ T9855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n[  117.320145][ T9855]  do_syscall_64+0xf3/0x3a0\\n[  117.320150][ T9855]  ? exc_page_fault+0x9f/0xf0\\n[  117.320154][ T9855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n[  117.320158][ T9855] RIP: 0033:0x7f7dd7908b07\\n[  117.320163][ T9855] Code: 23 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 08\\n[  117.320167][ T9855] RSP: 002b:00007ffd5ebd9698 EFLAGS: 00000202 \\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/42520df65bf67189541a425f7d36b0b3e7bd7844\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4bc081ba6c52b0c88c92701e3fbc33c7e2277afb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4f5ab4a9c6abd8b0d713cc2b7b041bc10d70f241\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/586c75dfd1d265c4150f6529debb85c9d62e101f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/603158d4efa98a13a746bd586c20f194f4a31ec8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7ab44236b32ed41eb0636797e8e8e885a2f3b18a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b47a75b6f762321f9eb6f31aab7bce47a37063b7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ef250c3edd995d7bb5a5e5122ffad1c28a8686eb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.