Lucene search
K

83 matches found

OSV
OSV
added 2025/01/31 12:15 p.m.9 views

AZL-56327 CVE-2025-21672 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 12:15 p.m.2 views

UBUNTU-CVE-2025-21672

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2025/01/31 11:25 a.m.3 views

CVE-2025-21672 afs: Fix merge preference rule failure condition

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

6AI score0.00136EPSS
Exploits0References2
CVE
CVE
added 2025/01/31 11:25 a.m.146 views

CVE-2025-21672

CVE-2025-21672 concerns the Linux kernel, specifically the afs module, where a fix guards against a lock being left held when returning to userspace. The root cause is described as a scenario where if argc is less than 0 and a function returns directly, an inode mutex lock is not released. The pa...

5.5CVSS6.9AI score0.00136EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2024/10/21 3:47 p.m.9 views

SUSE CVE-2024-47679

In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between eviceinodes and findinode&iput Hi, all Recently I noticed a bug1 in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode ie ino 261 with icount 1 is called by iput, and...

4.7CVSS6.3AI score0.00194EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2024/10/10 4:29 p.m.16 views

CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...

4.7CVSS7.1AI score0.00159EPSS
Exploits0References4
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

DEBIAN-CVE-2024-46734

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

4.7CVSS5.6AI score0.00178EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.0 views

UBUNTU-CVE-2024-46734

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

4.7CVSS6.4AI score0.00178EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/08/22 2:58 a.m.6 views

SUSE CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

7CVSS6.8AI score0.00242EPSS
Exploits1References33
OSV
OSV
added 2024/08/21 1:15 a.m.4 views

DEBIAN-CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

7CVSS6.2AI score0.00242EPSS
Exploits1References1
OSV
OSV
added 2024/08/21 1:15 a.m.3 views

UBUNTU-CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

8.4CVSS6.5AI score0.00242EPSS
Exploits1References30
Debian CVE
Debian CVE
added 2024/08/21 12:10 a.m.16 views

CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

8.4CVSS6.2AI score0.00242EPSS
Exploits1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a request pointer being changed to point to a lock entry that has just been added to the inode list when usi...

7CVSS6.9AI score0.00258EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between direct IO writes and fsync operations when using the same file descriptor. If we have two threads that use the same file descriptor, and one of them performs direct IO writes while the other...

4.7CVSS6.3AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/28 3:1 p.m.2 views

SUSE CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

5.5CVSS6.3AI score0.00212EPSS
Exploits0References9
OSV
OSV
added 2024/05/21 4:15 p.m.2 views

DEBIAN-CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

5.5CVSS5.8AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 4:15 p.m.4 views

AZL-55416 CVE-2023-52737 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

5.5CVSS6.3AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 4:15 p.m.3 views

UBUNTU-CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

5.5CVSS6.3AI score0.00212EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/21 3:23 p.m.19 views

CVE-2023-52737 btrfs: lock the inode in shared mode before starting fiemap

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock VFS lock, it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent...

6.8AI score0.00212EPSS
Exploits0References3
CVE
CVE
added 2024/05/21 3:23 p.m.91 views

CVE-2023-52737

CVE-2023-52737: In the Linux kernel, when using Btrfs, fiemap could deadlock with an in-flight fsync due to not taking the inode lock (i_mutex) before fiemap operations. The root cause is that fiemap_fill_next_extent() could fault while accessing user space buffers, which creates a lock-order cyc...

5.5CVSS7AI score0.00212EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder