2 matches found
CVE-2025-48769 Apache NuttX RTOS: fs/vfs/fs_rename: use after free
Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...
kernel: a race between inotify_handle_event() and sys_rename()
A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotifyhandleevent and vfsrename while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be...