CNNVD-202512-5373 Information

CNNVD ID

CNNVD-202512-5373

Related CVE

CVE-2022-50811

• CNNVD Published: 2025-12-30

Description (Chinese)

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于z_erofs_get_extent_compressedlen函数失败时缺少取消映射操作，可能导致元数据缓冲区泄漏。

Description (English)

Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. There is a security loophole in Linux Kernel, which stems from the lack of off-map operations when the z erofs get extent compressedlen function fails, which could result in a metadata buffer leak.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linux

Published

2025-12-30

Last Modified

2026-02-24

References

https://git.kernel.org/stable/c/091a8ca572a2e48554427feda78aa503e98c1028 https://git.kernel.org/stable/c/373b6f350aecf5dca2e7474f0b4ec8cca659f2f0 https://git.kernel.org/stable/c/d5d188b8f8b38d3d71dd05993874b4fc9284ce95

Patch

https://www.kernel.org/