5 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the issue where iucvsockclose was used after memory was freed. The iucvseverpath function is called from both process context and thread context. The iucv-path variable is used to indicate whether someone else ...
NocoDB: OAuth Authorization Code Race Condition
Summary Two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. Details The token-exchange flow read isused and called markAsUsed as an unconditional upda...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005115)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005115 advisory. In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and fr...
DEBIAN-CVE-2024-42271
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...
UBUNTU-CVE-2024-42271
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...