MEDIUM
nilfs-dev
CVE published 2026-06-18
CVE-2026-55392
The NILFS utilities through version 2.3.0 contain a vulnerability where the nilfs_sb_is_valid() function fails to properly validate the s_log_block_size field in the NILFS2 superblock. This oversight allows attackers to supply crafted NILFS2 images that can trigger undefined behavior, resulting in either oversized shifts or out-of-memory conditions. Such exploitation can crash tools like nilfs-tune and du [truncated]