CVE-2026-53130

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An unsigned underflow occurs in the omfs make empty() function when processing a crafted filesystem image. The omfs fill super() function fails to reject s sys blocksize values smaller than OMFS DIR START (440). Consequently, the calculation sbi->s sys blocksize - OMFS DIR START results in a value near 2^32, leading to a massive memset() operation that overwrites kernel memory beyond the backing block buffer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.