1683 matches found
CVE-2022-50753
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
UBUNTU-CVE-2023-54151
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...
UBUNTU-CVE-2022-50753
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
CVE-2023-54161
...
CVE-2023-54161
CVE-2023-54161 concerns the Linux kernel: a null-pointer dereference in unix_stream_sendpage() caused by racing access to a peer socket’s receive queue when data is queued de-pendently by the last skb. The root cause is the peer’s recv queue being accessed locklessly during garbage collection, en...
CVE-2023-54161 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
CVE-2023-54151 f2fs: Fix system crash due to lack of free space in LFS
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...
CVE-2023-54151 f2fs: Fix system crash due to lack of free space in LFS
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...
CVE-2023-54151
The CVE-2023-54151 entries describe a Linux kernel vulnerability in f2fs where a system crash could occur during foreground garbage collection in LFS mode if free space is exhausted during data migration/checkpoint. The issue arises when the number of dirty node/dentry pages exceeds available spa...
CVE-2023-54082
...
CVE-2023-54082
CVE-2023-54082 has been rejected in the official CVE list, but related connected records describe a Linux kernel vulnerability: af_unix, where unix_stream_sendpage() could race with garbage collection, potentially dereferencing an unlocked skb and causing a use-after-free. The root cause is failu...
CVE-2022-50753 f2fs: fix to do sanity check on summary info
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
CVE-2022-50753 f2fs: fix to do sanity check on summary info
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
CVE-2022-50753
CVE-2022-50753 affects the Linux kernel F2FS recovery paths. Public details in connected documents show a use-after-free in recover_data due to an SSA table corruption (ofs_in_node > ADDRS_PER_PAGE) leading to out-of-bounds access during mount for a fuzzed image. The patch adds sanity checks o...
Linux Distros Unpatched Vulnerability : CVE-2023-54082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro...
PT-2025-53119
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc4 Description The Linux kernel contains a flaw within the f2fs file system related to sanity checks on summary information. This issue can lead to a use-after-free condition, specifically triggered by...
PT-2025-53228
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the f2fs filesystem. When f2fs attempts to checkpoint during foreground garbage collection gc in Log-structured filesystem LFS mode, a system cras...
PT-2026-8134
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s netfilter component, specifically within the nf conncount module. The last gc variable is currently updated with each new connection tracked, even if...
Improper Cleanup Of Sensitive Data
Ansible is vulnerable to improper cleanup of sensitive data. The vulnerability is due to the awsssm connection plugin not performing garbage collection after playbook execution, which allows sensitive files to remain in the storage bucket and exposes confidential data to unauthorized access...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service
A denial of service flaw has been discovered in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete...