Lucene search
K

61 matches found

Cvelist
Cvelist
added 2026/07/01 1:32 p.m.40 views

CVE-2026-53341 fhandle: fix UAF due to unlocked ->mnt_ns read in may_decode_fh()

In the Linux kernel, the following vulnerability has been resolved: fhandle: fix UAF due to unlocked -mntns read in maydecodefh maydecodefh accesses mount::mntns without holding any locks; that means the mount can concurrently be unmounted, and the mntnamespace can concurrently be freed after an...

0.00156EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing it. The function dofanotifymark does not validate whether mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer...

5.3AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...

5.9AI score0.00155EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.10 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013503 advisory. In the Linux kernel, the following vulnerability has been resolved: legitimizemnt: check for MNTSYNCUMOUNT should be under mountlock ... or we risk stealing final...

5.5CVSS6.4AI score0.00133EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Improper Locking (CVE-2025-38058)

In the Linux kernel, the following vulnerability has been resolved: legitimizemnt: check for MNTSYNCUMOUNT should be under mountlock ... or we risk stealing final mntput from sync umount - raising mntcount after umount2 has verified that victim is not busy, but before it has set MNTSYNCUMOUNT; in...

5.5CVSS6.2AI score0.00133EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 10:30 p.m.2 views

CVE-2026-33194

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded GHSA-h5vh-m7fg-w5h6, commit 9914fd1 but remains incomplete. Multiple security-relevant Linux directories are not blocke...

6.8CVSS5.8AI score0.00489EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37988)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37988 advisory. - In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH...

4.7CVSS5.4AI score0.00109EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000736 advisory. fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount o...

6.2CVSS7AI score0.00888EPSS
Exploits6References15
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000570 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

4.7CVSS5.4AI score0.00338EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001894 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

4.7CVSS5.4AI score0.00338EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002453)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002453 advisory. fs/namespace.c in the Linux kernel before 4.0.2 processes MNTDETACH umount2 system calls without verifying that the MNTLOCKED flag is unset, which allows local users...

6.1CVSS7.4AI score0.00331EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002108 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

4.7CVSS5.4AI score0.00338EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/16 4:16 p.m.3 views

CVE-2025-68300

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...

5.9AI score0.00155EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra referenc...

6.1AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully. CVE-2025-40195 Note...

6.1AI score0.00181EPSS
Exploits0References3
OSV
OSV
added 2025/11/12 10:15 p.m.2 views

DEBIAN-CVE-2025-40195

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

5.1AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2025/11/12 10:15 p.m.9 views

UBUNTU-CVE-2025-40195

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

5.7AI score0.00181EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/11/12 9:56 p.m.5 views

CVE-2025-40195 mount: handle NULL values in mnt_ns_release()

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

0.00181EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/11/12 9:56 p.m.3 views

CVE-2025-40195

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

5.1AI score0.00181EPSS
Exploits0
OSV
OSV
added 2025/10/28 11:48 a.m.3 views

CVE-2025-40072 fanotify: Validate the return value of mnt_ns_from_dentry() before dereferencing

In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing The function dofanotifymark does not validate if mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer dereference i...

6.2AI score0.0017EPSS
Exploits0References5
Rows per page
Query Builder