| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025090458-CVE-2025-38715-8464@gregkh> Date: Thu, 4 Sep 2025 17:33:20 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38715: hfs: fix slab-out-of-bounds in hfs_bnode_read() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read() This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correct_requested_length() method that checks and correct the requested length (if it is necessary). These methods are used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent the access out of allocated memory and triggering the crash. The Linux kernel CVE team has assigned CVE-2025-38715 to this issue. Affected and fixed versions =========================== Fixed in 5.4.297 with commit e7d2dc2421e821e4045775e6dc226378328de6f6 Fixed in 5.10.241 with commit 67ecc81f6492275c9c54280532f558483c99c90e Fixed in 5.15.190 with commit a1a60e79502279f996e55052f50cc14919020475 Fixed in 6.1.149 with commit fe2891a9c43ab87d1a210d61e6438ca6936e2f62 Fixed in 6.6.103 with commit 384a66b89f9540a9a8cb0f48807697dfabaece4c Fixed in 6.12.43 with commit efc095b35b23297e419c2ab4fc1ed1a8f0781a29 Fixed in 6.15.11 with commit fc7f732984ec91f30be3e574e0644066d07f2b78 Fixed in 6.16.2 with commit eec522fd0d28106b14a59ab2d658605febe4a3bb Fixed in 6.17-rc1 with commit a431930c9bac518bf99d6b1da526a7f37ddee8d8 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38715 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/hfs/bnode.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/e7d2dc2421e821e4045775e6dc226378328de6f6 https://git.kernel.org/stable/c/67ecc81f6492275c9c54280532f558483c99c90e https://git.kernel.org/stable/c/a1a60e79502279f996e55052f50cc14919020475 https://git.kernel.org/stable/c/fe2891a9c43ab87d1a210d61e6438ca6936e2f62 https://git.kernel.org/stable/c/384a66b89f9540a9a8cb0f48807697dfabaece4c https://git.kernel.org/stable/c/efc095b35b23297e419c2ab4fc1ed1a8f0781a29 https://git.kernel.org/stable/c/fc7f732984ec91f30be3e574e0644066d07f2b78 https://git.kernel.org/stable/c/eec522fd0d28106b14a59ab2d658605febe4a3bb https://git.kernel.org/stable/c/a431930c9bac518bf99d6b1da526a7f37ddee8d8
Powered by blists - more mailing lists