Yuezhang Mo

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an out-of-bounds access of directory entries in the exfat file system. This occurs when the directory size is greater than or equal to the cluster size and `start clu` becomes an invalid cluster due to file system corruption, resulting in an out-of-bounds access. This may cause further file system corruption. A check has been added for `start clu` to treat the file or directory as empty if it is an invalid cluster. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A memory leak issue has been identified in the Linux kernel, specifically in the exfat load bitmap() function. This occurs when the first directory entry in the root directory is not a bitmap directory entry, causing 'bh' to not be released and reassigned, resulting in a memory leak. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the exfat component of the Linux kernel, where an overflow occurs when using the int type for the sector index in large capacity partitions. This can happen when the storage has a sector size of 512 bytes and the partition capacity exceeds 2TB. Additionally, there is a potential memory corruption issue in the exfat zeroed cluster() function, which could allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.