Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-53369

UNKNOWN NVD
CVSS Score 0
Severity UNKNOWN
Published Jul 19, 2026
Vendor unknown

Description

In the Linux kernel, the following vulnerability has been resolved: udf: reject descriptors with oversized CRC length udf_read_tagged() skips CRC verification when descCRCLength + sizeof(struct tag) exceeds the block size. A crafted UDF image can set descCRCLength to an oversized value to bypass CRC validation entirely; the descriptor is then accepted based solely on the 8-bit tag checksum, which is trivially recomputable. Reject such descriptors instead of silently accepting them. A legitimate single-block descriptor should never have a CRC length that exceeds the block.

References