22915 matches found
Exploit for CVE-2025-40271
🔴 CVE-2025-40271: Vulnerabilidad Crítica de Uso-After-Free en...
PT-2026-37204
Name of the Vulnerable Software and Affected Versions AzuraCast versions prior to 0.23.6 Description An issue exists in the Flow.js media upload endpoint 'POST /api/station/station id/files/upload' where the currentDirectory request parameter is not sanitized for path traversal sequences. When...
PT-2026-38245
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in OpenShell sandbox filesystem writes. This flaw allows attackers to use symlink swaps during filesystem operations to bypass sandbox...
Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
Exploit Title: Linux Kernel procreaddirde 6.18-rc5 - Local Privilege Escalation CVE: CVE-2025-40271 Date: 2026-03-19 Exploit Author: Aviral Srivastava Vendor: Linux Kernel kernel.org Affected: 3.14+ through 6.18-rc5 bug predates version tracking Fixed in stable: 5.10.247, 6.1.159, 6.12.73, 6.18-r...
PT-2026-38246
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in the OpenShell filesystem bridge. This issue allows attackers to use symlink swaps during filesystem operations to bypass sandbox...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free for cached IPU bio xfstest generic/019 reports a bug: kernel BUG at mm/filemap.c:1619! RIP: 0010:folioendwriteback+0x8a/0x90 Call Trace: endpagewriteback+0x1c/0x60 f2fswriteendio+0x199/0x420...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on truncatefoliobatchexceptionals to capture whether the filesystem has removed all DAX entries or not. And the fix has been applied on the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofsreadinode can read data beyond the end of buffer. Sanity-check the directory entry length before using it...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: gfs2: Fixed a memory corruption issue in gfs2qddealloc. In gfs2putsuper, regardless of whether it is withdrawn or not, the quota should be cleaned up by gfs2quotacleanup. Otherwise, the struct gfs2sbd will be freed before...
Astra Linux - уязвимость в linux
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a use-after-free on the inode when scanning the root during em shrinking. In the function btrfsscanroot, we access the root of the inode along with fsinfo through a call to btrfsfsclosing. This occurs after we schedu...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of userdlmdestroylock When userdlmdestroylock failed, it didn't clean up the flags it set before exit. For USERLOCKINTEARDOWN, if this function fails because of lock is still in used, next time wh...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIGFORTIFYSOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Problem seems to be that...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we previously set the SBRDONLY flag to prevent any further modifications to the filesystem. We knew that this approach misse...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocateonefolio When we call btrfsreadfolio to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mapping like remove it with...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in “unlockfilesystem” mode. If we attempt to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This issue occurs because the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: limited the level of fs stacking for file-backed mounts. Otherwise, it could cause potential kernel stack overflows e.g., when mounting EROFS itself...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Avoid infinite loops caused by corrupted subpage compact indexes. Robert reported an infinite loop observed in two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There is a race between a task that disables quotas and another task that runs the rescan ioctl. This can lead to a use-after-free of qgroup records from the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid out-of-bounds access when system.data changes xattrs under the filesystem. When searching for an entry in an inline directory, if evalueoffs is changed under the filesystem due to changes in the block device, it may...