273 matches found
Zed 安全漏洞
Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.227.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of shell references or validations for environment variable keys during SSH/WSL remote command execution. This allowed attackers to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix an off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at...
CVE-2026-31614
A flaw was found in the Linux kernel's Server Message Block SMB client. An untrusted server can exploit an out-of-bounds read vulnerability within the checkwsleas function. This flaw allows the server to read up to 8 bytes beyond the intended memory boundary, leading to information disclosure. Th...
CVE-2026-31614
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...
CVE-2026-31614
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...
CVE-2026-21237
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21242
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21242
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21242
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21237
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21237
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21237
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21242
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability
...
CVE-2026-21237
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21237
Technical details of CVE-2026-21237 are not publicly provided in the supplied documents; no affected products, vulnerable components, or fixes are described here. Monitor for updates from official sources.
CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability
...
CVE-2026-21242 Windows Subsystem for Linux Elevation of Privilege Vulnerability
...
CVE-2026-21242
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-21242
CVE-2026-21242 concerns a use-after-free vulnerability in Windows Subsystem for Linux. The issue allows an authorized local attacker to elevate privileges, as indicated by the CVSS 3.1 metrics (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) with a base score of 7.0 (HIGH). Affected components and exact ver...