Updated: 2026-02-27 01:13:28.406028
Description:
In the Linux kernel, the following vulnerability has been resolved:

binfmt_flat: Fix integer overflow bug on 32 bit systems

Most of these sizes and counts are capped at 256MB so the math doesn't result in an integer overflow. The "relocs" count needs to be checked as well. Otherwise on 32bit systems the calculation of "full_data" could be wrong.

    full_data = data_len + relocs * sizeof(unsigned long);
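
The wraparound described above, modelled in user-space C as an added example (not the kernel's code or the upstream patch). `uint32_t` stands in for a 32-bit `unsigned long`; the function names, the shape of the cap check and the input values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: model a 32-bit kernel, where unsigned long is 32 bits wide. */
typedef uint32_t ulong32;
#define SIZE_CAP_SHIFT 28 /* 1 << 28 = the 256MB cap named in the description */

/* The calculation from the description, evaluated in 32-bit arithmetic. */
static ulong32 full_data_32(ulong32 data_len, ulong32 relocs)
{
    return data_len + relocs * (ulong32)sizeof(ulong32);
}

/* Same calculation in 64 bits: the value the loader actually needs. */
static uint64_t full_data_exact(ulong32 data_len, ulong32 relocs)
{
    return (uint64_t)data_len + (uint64_t)relocs * sizeof(ulong32);
}

/* Cap check that leaves relocs out: only the derived sum is bounded. */
static int sizes_ok_without_relocs(ulong32 data_len, ulong32 relocs)
{
    ulong32 full_data = full_data_32(data_len, relocs);
    return ((data_len | full_data) >> SIZE_CAP_SHIFT) == 0;
}

/* Cap check that also bounds relocs, so relocs * 4 stays below 2^30
 * and the sum with a capped data_len cannot wrap. */
static int sizes_ok_with_relocs(ulong32 data_len, ulong32 relocs)
{
    ulong32 full_data = full_data_32(data_len, relocs);
    return ((data_len | relocs | full_data) >> SIZE_CAP_SHIFT) == 0;
}

int main(void)
{
    /* Constructed header values: a small data_len and an oversized relocs. */
    ulong32 data_len = 0x1000, relocs = 0x40000001u;

    printf("32-bit full_data: 0x%x\n", (unsigned)full_data_32(data_len, relocs));
    printf("exact full_data:  0x%llx\n",
           (unsigned long long)full_data_exact(data_len, relocs));
    printf("accepted without relocs check: %d\n",
           sizes_ok_without_relocs(data_len, relocs));
    printf("accepted with relocs check:    %d\n",
           sizes_ok_with_relocs(data_len, relocs));
    return 0;
}
```
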
Links: NIST | CIRCL | RHEL | Ubuntu

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0.0 |
| CVSS Version 3.x | MEDIUM | 5.5 |

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Ignored | | 2025-03-10 22:53:44 | This issue only affects 32‑bit kernels with the optional binfmt_flat loader (CONFIG_BINFMT_FLAT) e... |
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | | 2025-03-11 05:53:32 | Ignored due to low severity |
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | | 2025-03-11 05:53:32 | Ignored due to low severity |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | | 2025-03-11 00:54:39 | Ignored due to low severity |
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 5.5 | MEDIUM | Ignored | | 2025-12-04 17:09:40 | This vulnerability only applies on 32-bit kernels using the FLAT binary loader (binfmt_flat), which ... |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Ignored | | 2025-03-11 02:53:04 | Ignored due to low severity |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 5.5 | MEDIUM | Ignored | | 2025-09-10 14:18:08 | Ignored due to low severity |