Lucene search
K

259 matches found

Debian CVE
Debian CVE
added 2025/02/26 1:54 a.m.11 views

CVE-2022-49062

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

7.8CVSS6.1AI score0.00241EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/26 1:54 a.m.24 views

CVE-2022-49062 cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

0.00241EPSS
Exploits0References2
CVE
CVE
added 2025/02/26 1:54 a.m.85 views

CVE-2022-49062

The CVE-2022-49062 issue affects the Linux kernel component cachefiles, specifically a KASAN slab-out-of-bounds in cachefiles_set_volume_xattr. The bug arose when the code did not use the actual length of volume coherency data while setting the xattr, leading to an out-of-bounds write (noted in K...

7.8CVSS5.1AI score0.00241EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/26 1:54 a.m.1 views

CVE-2022-49062 cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

6.2AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 1:54 a.m.12 views

CVE-2022-49062 cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...

7.8CVSS5.1AI score0.00241EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cachefilessetvolumexattr not properly using the actual length of the volume consistency data, which could le...

7.8CVSS5.5AI score0.00241EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.6 views

The vulnerability of the `cachefiles_ondemand_clean_object()` function (fs/cachefiles/ondemand.c) in the Linux kernel allows a malicious actor to exploit their privileges.

The vulnerability of the cachefilesondemandcleanobject function fs/cachefiles/ondemand.c in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to enhance their privileges...

5.8CVSS6.8AI score0.00275EPSS
Exploits0References29Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.5 views

The vulnerability of the `cachefiles_ondemand_send_req()` function (fs/cachefiles/ondemand.c) in the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the cachefilesondemandsendreq function fs/cachefiles/ondemand.c in the Linux kernel is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.7CVSS6.5AI score0.00282EPSS
Exploits0References28Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.7 views

The vulnerability of the cachefiles component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the cachefiles component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References23Affected Software4
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: A consistency check has been added for copen/cread operations. This prevents malicious processes from executing random copen/cread requests, which could potentially crash the system. The added checks are as follows...

5.5CVSS6.3AI score0.00211EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: All requests are flushed after setting CACHEFILESDEAD. In ondemand mode, when the daemon is processing an open request, if the kernel marks the cache as CACHEFILESDEAD, the cachefilesdaemonwrite function will always...

7.8CVSS5.9AI score0.00259EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...

7.8CVSS6.1AI score0.00282EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fixed the slab-use-after-free issue in cachefileswithdrawcookie We encountered the following issue during our fault injection stress test: ================================================================== BUG: KASAN:...

7CVSS6.4AI score0.00275EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: fixed a slab-use-after-free in fscachewithdrawvolume We encountered the following issue during our fault injection stress test: ================================================================== BUG: KASAN:...

7.8CVSS6.8AI score0.00281EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the object to close if ondemandid 0 in copen. If copen is called maliciously in user mode, it may delete the request corresponding to the random ID. Moreover, the request may not have been read yet...

7.8CVSS6AI score0.0022EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “cachefiles”: requests are removed from xarray during flushing of requests. Even when the CACHEFILESDEAD flag is set, we can still read the requests. Therefore, in concurrent scenarios, a request may be accessed after it has been...

7.8CVSS6.1AI score0.00284EPSS
Exploits0References3
Amazon
Amazon
added 2025/02/05 12:0 a.m.5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...

7.8CVSS7.1AI score0.00302EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/02/03 8:51 a.m.13 views

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-41014: xfs: add bounds checking to xlogrecoverprocessdata bsc1228408. CVE-2024-41013: xfs: do not walk off the end of a directory data block bsc1228405...

8.4CVSS8.2AI score0.02701EPSS
Exploits6References3622
SUSE Linux
SUSE Linux
added 2025/01/28 1:3 p.m.3 views

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

7.8CVSS7.6AI score0.00352EPSS
Exploits1References40
SUSE Linux
SUSE Linux
added 2025/01/28 1:3 p.m.0 views

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

7.3CVSS7.6AI score0.02701EPSS
Exploits1References20
Rows per page
Query Builder