Out-of-bounds write in Linux kernel - CVE-2026-52992
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds write in adfs_map_layout() when parsing a crafted ADFS image during filesystem probe. A local user can provide a crafted image with a zero zone count to cause a denial of service.
The issue affects new-format ADFS images and is triggered before the disc record is used.
How to mitigate CVE-2026-52992
Sources
- https://git.kernel.org/stable/c/1586bd2d2fb436a26df20a70e78b000d34a7d159
- https://git.kernel.org/stable/c/1f0ed0f57f0fc87e46fe19a05435c214dc464be2
- https://git.kernel.org/stable/c/33aafd2418a59c96c0389d47ea09026661fa9ec6
- https://git.kernel.org/stable/c/60d82592ac8b5637fbed871381eb0a16df0a492e
- https://git.kernel.org/stable/c/6ff8cca5cdb4f2e0ea6d28ecd78479dd3f221ebc
- https://git.kernel.org/stable/c/a11372a8b1ceaa5e950a84b3b5fbf8228f25e277
- https://git.kernel.org/stable/c/a3fd5dc1c7b0aae947a67dc2e2c037d57557a4de
- https://git.kernel.org/stable/c/dd9d3e16c2d5fa166e13dce07413be51f42c8f5d