High severity7.1NVD Advisory· Published Mar 25, 2026· Updated Apr 24, 2026
CVE-2026-23388
CVE-2026-23388
Description
In the Linux kernel, the following vulnerability has been resolved:
Squashfs: check metadata block offset is within range
Syzkaller reports a "general protection fault in squashfs_copy_data"
This is ultimately caused by a corrupted index look-up table, which produces a negative metadata block offset.
This is subsequently passed to squashfs_copy_data (via squashfs_read_metadata) where the negative offset causes an out of bounds access.
The fix is to check that the offset is within range in squashfs_read_metadata. This will trap this and other cases.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=2.6.29.1,<5.10.253
- cpe:2.3:o:linux:linux_kernel:2.6.29:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
8- git.kernel.org/stable/c/01ee0bcc29864b78249308e8b35042b09bbf5fe3nvdPatch
- git.kernel.org/stable/c/0c8ab092aec3ac4294940054772d30b511b16713nvdPatch
- git.kernel.org/stable/c/3b9499e7d677dd4366239a292238489a804936b2nvdPatch
- git.kernel.org/stable/c/3f68a9457a6190814377577374da75f872e0a013nvdPatch
- git.kernel.org/stable/c/60f679f643f3f36a8571ea585e4ce5d93ef952b5nvdPatch
- git.kernel.org/stable/c/6b847d65f5b0065e02080c61fad93d57d6686383nvdPatch
- git.kernel.org/stable/c/9e9fa5ad37c9cbad73c165c7ff1e76e650825e7cnvdPatch
- git.kernel.org/stable/c/fdb24a820a5832ec4532273282cbd4f22c291a0dnvdPatch
News mentions
0No linked articles in our index yet.