PT-2026-4935 · Unknown · Usb Mass Storage Device

Published: 2026-01-27 · Updated: 2026-01-27 · CVE-2025-55095

CVSS v3.1: 7.0 (High)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Versions prior to a fix are affected.

Description

The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in _ux_host_class_storage_partition_read(), which parses up to four partition entries. If an extended partition is found, the code invokes _ux_host_class_storage_media_mount(storage, sector + _ux_utility_long_get(...)). There is no limit on the recursion depth or tracking of visited sectors. A malicious or malformed disk image can include cyclic or excessively deep chains of extended partitions, causing the function to recurse until stack overflow occurs.

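A bounded, iterative walk of the partition-table chain described above, as an added example; it is not the affected project's code or its fix. The names walk_partition_chain, put_entry and MAX_CHAIN, the cap of 16 tables and the in-memory image layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define SECTOR_SIZE 512u
#define MAX_CHAIN   16          /* assumed cap on chained partition tables */

static uint32_t le32(const uint8_t *p)
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Count non-extended partitions; -1 if a link leaves the media, revisits a
 * sector, or the chain exceeds MAX_CHAIN tables. Follows one link per table. */
int walk_partition_chain(const uint8_t *img, uint32_t nsectors)
{
    uint32_t visited[MAX_CHAIN], sector = 0;
    int found = 0;
    if (nsectors == 0)
        return -1;
    for (int depth = 0; depth < MAX_CHAIN; depth++) {
        for (int v = 0; v < depth; v++)
            if (visited[v] == sector)
                return -1;                       /* cyclic chain */
        visited[depth] = sector;

        const uint8_t *tbl = img + (size_t)sector * SECTOR_SIZE + 446;
        int64_t next = -1;
        for (int i = 0; i < 4; i++) {            /* four 16-byte entries */
            const uint8_t *e = tbl + i * 16;
            if (e[4] == 0x05 || e[4] == 0x0F)    /* extended partition */
                next = (int64_t)sector + le32(e + 8);  /* sector + offset */
            else if (e[4] != 0)
                found++;
        }
        if (next < 0)
            return found;                        /* chain ended normally */
        if (next >= nsectors)
            return -1;                           /* link points past the media */
        sector = (uint32_t)next;
    }
    return -1;                                   /* deeper than MAX_CHAIN */
}

/* Constructed sample helper: write one entry (type, start LBA) into a table. */
void put_entry(uint8_t *img, uint32_t sector, int idx, uint8_t type, uint32_t lba)
{
    uint8_t *e = img + (size_t)sector * SECTOR_SIZE + 446 + idx * 16;
    e[4] = type;
    e[8] = lba & 0xFF; e[9] = lba >> 8 & 0xFF; e[10] = lba >> 16 & 0xFF; e[11] = lba >> 24;
}
```

Because the walk is a loop with a fixed-size visited list, stack use stays constant regardless of what the partition tables on the media contain.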
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Recursion

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2025-55095
GHSA-QFMP-WCH9-RPV2

Affected Products

Usb Mass Storage Device