CVE-2024-26689

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encodecapmsg In fs/ceph/caps.c, in encodecapmsg, "use after free" error was caught by KASAN at this line - 'cephbuffergetarg-xattrbuf;'. This implies before the refcount could be increment here, it...

CVE-2024-26689 ceph: prevent use-after-free in encode_cap_msg()

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encodecapmsg In fs/ceph/caps.c, in encodecapmsg, "use after free" error was caught by KASAN at this line - 'cephbuffergetarg-xattrbuf;'. This implies before the refcount could be increment here, it...

CVE-2024-26689

CVE-2024-26689 affects the Linux kernel via the Ceph subsystem: in fs/ceph/caps.c, encode_cap_msg() previously could perform a use-after-free due to a race between refcount increment and free in arg->xattr_buf handling. The race around ceph_buffer_get/ceph_buffer_put(ci->i_xattrs.blob) allo...

CVE-2024-26689 ceph: prevent use-after-free in encode_cap_msg()

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encodecapmsg In fs/ceph/caps.c, in encodecapmsg, "use after free" error was caught by KASAN at this line - 'cephbuffergetarg-xattrbuf;'. This implies before the refcount could be increment here, it...

CVE-2011-2198

The "insert-blank-characters" capability in caps.c in gnome-terminal vte before 0.28.1 allows remote authenticated users to cause a denial of service CPU and memory consumption and crash via a crafted file, as demonstrated by a file containing the string "\033100000000000000000@"...

CVE-2011-2198

CVE-2011-2198 affects the gnome-terminal component (vte) via the insert-blank-characters capability in caps.c, vulnerable before 0.28.1. A crafted escape sequence like "\033[100000000000000000@" can cause a DoS (high CPU/memory usage and crash) when processed by a remote authenticated user. Publi...