USN-7123-1 linux-azure vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service system crash or possibly expose sensitive information...

Dell SmartFabric OS10 Unauthorized Access Vulnerability

Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. An unauthorized access vulnerability exists in Dell SmartFabric OS10, which arises from a file or directory issue that contains a file or directory that is accessible to an outside party. A low-privileged...

The vulnerability of the ext4_ext_insert_extent() function in the ext4 file system of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ext4extinsertextent function in the fs/ext4/extents.c file of the Linux kernel’s file system ext4 is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

DEBIAN-CVE-2024-11117

Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Low...

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems is related to the state of the race condition. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

PT-2024-8531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a use-after-free vulnerability in the btrfs file system. It can be triggered when mounting btrfs from two images with the same fsid and different dev uuids in a...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 13.7.1, which originates from a malicious application that may be able to modify protected portions of the file system...

PT-2024-31079

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Ventura 13.7.1 macOS versions prior to Sonoma 14.7.1 Description: The issue was addressed with improved checks to prevent an application from modifying protected parts of the file system. The system installd daemon,...

The vulnerability of the f2fs_build_fault_attr() function in the f2fs file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the f2fsbuildfaultattr function in the fs/f2fs/super.c file of the Linux kernel’s file system f2fs is related to the lack of input validation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protecte...

PT-2024-41488 · Gnu +1 · Linux +1

Уязвимость функции ea get файловой системы JFS fs/jfs/xattr.c ядра операционных систем Linux связана с некорректной обработкой данных, считываемых с повреждённого образа файловой системы. Эксплуатация уязвимости может позволить нарушителю получить несанкционированный доступ к защищаемой информаци...

CVE-2024-38117

NTFS Elevation of Privilege Vulnerability...

Schneider Electric Modicon M340 Denial of Service Vulnerability

The Schneider Electric Modicon M340 is a mid-range PLC programmable logic controller for industrial processes and infrastructure from Schneider Electric, France. A denial of service vulnerability exists in the Schneider Electric Modicon M340, which can be exploited by an attacker to prevent a use...

CVE-2024-26226 Windows Distributed File System (DFS) Information Disclosure Vulnerability

...

Microsoft Brokering File System Elevation of Privilege Vulnerability

...

The vulnerability of the NTFS file system in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the NTFS file system in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2024-0167

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svctopstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges...

Apple macOS Ventura Security Vulnerability

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13, which originates from an application that may be able to modify protected portions of the file system...

USN-6536-1: Linux kernel vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

Named Pipe File System Elevation of Privilege Vulnerability

...

CVE-2023-5368

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to re...