CVE-2026-55392

Summary

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid() function fails to validate s_log_block_size field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashing tools like nilfs-tune and dumpseg.

Affected Software

VendorProductVersion RangeStatus
nilfs-devnilfs-utils0 <= 2.3.0affected
nilfs-devnilfs-utils26efb5daff0757365101035145331b0a5a85d9d9unaffected

Weaknesses

  • CWE-1284: Improper Validation of Specified Quantity in Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References