Security update for pam

This update for pam fixes the following issues: CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509. Patch...

SUSE-SU-2025:02001-1 Security update for pam

This update for pam fixes the following issues: - CVE-2025-6018: pamenv: Change the default to not read the user .pamenvironment file bsc1243226. - pamnamespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path bsc1244509...

Astra Linux – Vulnerability in Firefox

The leakage of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

SUSE CVE-2025-46807

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...

CVE-2025-46807

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...

CVE-2025-46807

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...

UBUNTU-CVE-2025-46807

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...

CVE-2025-46807 File Descriptor Exhaustion in sslh-select and sslh-ev triggers SEGFAULT

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...

CVE-1999-0848

Denial of service in BIND named via consuming more than "fdmax" file descriptors...

SUSE CVE-2023-53117

In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array out-of-bounds risk when file descriptors are closed...

Allocation of File Descriptors or Handles Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of File Descriptors or Handles Without Limits or Throttling due to the manipulation of the File argument in the main function of the file examples/LOP/src/genRandomLOPInstance.c. An attacker can cause uncontrolled file...

FreeBSD : Mozilla -- privilege scalation attack (315f568e-13c8-11f0-a5bd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 315f568e-13c8-11f0-a5bd-b42e991fc52e advisory. [email protected] reports: Leaking of file descriptors from the fork server to web content processes...

SUSE CVE-2025-3032

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

CVE-2025-3032

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox 137 and Thunderbird 137...

UBUNTU-CVE-2025-3032

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

CVE-2025-3032

The CVE-2025-3032 entry describes a vulnerability in Firefox and Thunderbird where file descriptors leak from the fork server to web content processes, enabling privilege escalation. Affected products are Firefox and Thunderbird versions prior to 137. The root cause is the unintended propagation ...

CVE-2025-3032

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

PT-2025-14107

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 137 Thunderbird versions prior to 137 Description The issue involves the leaking of file descriptors from the fork server to web content processes, which could allow for privilege escalation attacks. Recommendations F...

Amazon Linux 2023 : libtirpc, libtirpc-devel (ALAS2023-2025-890)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-890 advisory. In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinit...