CVE-2026-23388

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the Squashfs file system related to metadata block offset validation. A corrupted index look-up table can result in a negative metadata block offset being passed to the squashfs copy data function via squashfs read metadata, leading to an out-of-bounds access. The issue is addressed by adding a check within squashfs read metadata to ensure the offset is within the valid range.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.