220 matches found
SUSE CVE-2022-49064
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...
UBUNTU-CVE-2022-49064
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...
CVE-2024-4267
A remote code execution RCE vulnerability exists in the parisneo/lollms-webui, specifically within the 'openfile' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'openfile' function. An attacker can exploit this...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...
cachefiles: fix dentry leak in cachefiles_open_file()
...
CVE-2024-50046
CVE-2024-50046: In the Linux kernel, a NULL-pointer dereference could occur in NFSv4 when copying files saved in the mountpoint (nfs42_complete_copies()), leading to an SMP kernel crash during state recovery for an open NFS file. The issue manifests as kernel oops and related logs and is resolved...
CVE-2024-50046 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...
CVE-2024-50046 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a dentry leak in the cachefiles subsystem in the cachefilesopenfile function, which could lead to...
DEBIAN-CVE-2024-45025
In the Linux kernel, the following vulnerability has been resolved: fix bitmap corruption on closerange with CLOSERANGEUNSHARE copyfdbitmapsnew, old, count is expected to copy the first count/BITSPERLONG bits from old-fullfdsbits and fill the rest with zeroes. What it does is copying enough words...
CVE-2024-7734 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers...
SUSE CVE-2023-52909
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix handling of cached open files in nfsd4open codepath Commit fb70bf124b05 "NFSD: Instantiate a struct file when creating a regular NFSv4 file" added the ability to cache an open fd over a compound. There are a couple of...
DEBIAN-CVE-2023-52909
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix handling of cached open files in nfsd4open codepath Commit fb70bf124b05 "NFSD: Instantiate a struct file when creating a regular NFSv4 file" added the ability to cache an open fd over a compound. There are a couple of...
undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...
Photon OS 4.0: Open PHSA-2023-4.0-0408
An update of the open package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0408. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2024-6250
Summary (fact-grounded): CVE-2024-6250 affects parisneo/lollms-webui version 9.6. The vulnerability is an absolute path traversal in the open_file endpoint of lollms_advanced.py, where the sanitize_path function with allow_absolute_path=True enables reading arbitrary files and listing directories...
PT-2024-37482
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version 9.6 Description: An absolute path traversal issue exists, specifically in the "open file" endpoint of "lollms advanced.py". The sanitize path function with allow absolute path=True allows an attacker to access...
LoLLMs 命令注入漏洞
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A command injection vulnerability exists in LoLLMs that stems from the openfile function not neutralizing special elements used in user uploaded commands...
PT-2024-30098 · Unknown · Parisneo/Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version 9.5 Description: A remote code execution vulnerability exists in the parisneo/lollms-webui, specifically within the open file module. The vulnerability arises due to improper neutralization of special elements us...
PT-2024-20169 · Unknown · Merge Dicom Toolkit C/C++
Name of the Vulnerable Software and Affected Versions: Merge DICOM Toolkit C/C++ affected versions not specified Description: The issue is related to an out-of-bounds read when the MC Open File function is used to read malformed DICOM data, potentially resulting in over-reading of the memory buff...