CVE-2026-23388
- Source
- https://cve.org/CVERecord?id=CVE-2026-23388
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23388.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-23388
- Downstream
- Published
- 2026-03-25T10:28:06.224Z
- Modified
- 2026-04-14T03:47:26.774344Z
- Summary
- Squashfs: check metadata block offset is within range
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Squashfs: check metadata block offset is within range
Syzkaller reports a "general protection fault in squashfscopydata"
This is ultimately caused by a corrupted index look-up table, which produces a negative metadata block offset.
This is subsequently passed to squashfscopydata (via squashfsreadmetadata) where the negative offset causes an out of bounds access.
The fix is to check that the offset is within range in squashfsreadmetadata. This will trap this and other cases.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23388.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/01ee0bcc29864b78249308e8b35042b09bbf5fe3
- https://git.kernel.org/stable/c/0c8ab092aec3ac4294940054772d30b511b16713
- https://git.kernel.org/stable/c/3b9499e7d677dd4366239a292238489a804936b2
- https://git.kernel.org/stable/c/6b847d65f5b0065e02080c61fad93d57d6686383
- https://git.kernel.org/stable/c/9e9fa5ad37c9cbad73c165c7ff1e76e650825e7c
- https://git.kernel.org/stable/c/fdb24a820a5832ec4532273282cbd4f22c291a0d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23388.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23388
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf400e12656ab518be107febfe2315fb1eab5a342Fixed0c8ab092aec3ac4294940054772d30b511b16713Fixed6b847d65f5b0065e02080c61fad93d57d6686383Fixed9e9fa5ad37c9cbad73c165c7ff1e76e650825e7cFixed01ee0bcc29864b78249308e8b35042b09bbf5fe3Fixed3b9499e7d677dd4366239a292238489a804936b2Fixedfdb24a820a5832ec4532273282cbd4f22c291a0d