In the Linux kernel, the following vulnerability has been found: A heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem. At this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. The Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue.
https://ubuntu.com/security/notices/USN-7276-1
https://ubuntu.com/security/CVE-2025-0927
https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/