79 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from discontinuous gaps during block allocation in btrfs. This issue causes an EEXIST error in the...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fix addresses a bug where the initiator assumes that a LUNRESET has cleaned up running commands, when in fact it hasn’t. The bug was introduced in commit 51ec502a3266 “target:...
CVE-2026-43399
A flaw was found in the Linux kernel's AMD GPU amdgpu driver. Specifically, a reference leak occurs in the amdgpuuserqwaitioctl function. This issue arises when an I/O control ioctl operation is aborted because the output array provided is insufficient. A local attacker could exploit this to caus...
CVE-2026-43360
A flaw was found in the Linux kernel's Btrfs file system. A malicious user can exploit this vulnerability by creating multiple files with names that result in the same hash. This action can trigger a transaction abort, causing the file system to switch into a read-only mode. This ultimately leads...
CVE-2026-43352
A flaw was found in the Linux kernel's I3C Improved Inter-Integrated Circuit Host Controller Interface HCI driver. Incorrect handling of DMA Direct Memory Access ring aborts can lead to the unintentional clearing of RINGCTRLENABLE. This action resets hardware ring pointers and disrupts the...
CVE-2026-41585
ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the...
CVE-2026-43338
In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a transaction join, which does not reserve any space, neither for the quota tree updates nor for the...
CVE-2026-43338
In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a transaction join, which does not reserve any space, neither for the quota tree updates nor for the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed the issue of NULL pointer dereferencing during certain command aborts. If a command is queued into the final usable TRB of a ring segment, the enqueue pointer is advanced to the next link TRB and nothing more. If...
CVE-2026-31581
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...
GHSA-VPJ2-69HF-RPPW OpenClaw: Browser control startup could continue unauthenticated after auth bootstrap failure
Summary When browser control started without explicit auth credentials, OpenClaw attempted to bootstrap auth automatically. In affected versions, if that bootstrap step threw an error, startup could continue and expose browser-control routes without authentication. Impact On affected deployments,...
PT-2026-26422
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.1 Description OpenClaw does not correctly manage authentication bootstrap errors during startup, which can allow browser-control routes to remain accessible without authentication. Local processes or...
CVE-2026-23214 btrfs: reject new transactions if the fs is fully read-only
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only BUG There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount: BTRFS: Transaction...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to reject new transactions when the file system is in a read-only state, potentially...
CVE-2025-15281
Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...
CVE-2023-53838
A race condition was found in the F2FS filesystem's atomic write abort handling in the Linux kernel. Concurrent atomic write abort operations lack proper synchronization, which can lead to inconsistent COW copy-on-write inode state and potential use-after-free or data corruption scenarios...
SUSE CVE-2023-53838
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...
CVE-2023-53838
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...
CVE-2023-53838 f2fs: synchronize atomic write aborts
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...
CVE-2023-53838
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...