17 matches found
CVE-2026-31718
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the persistent cleaner in ksmbd, which reuses memory after release in ksmbdclosefd, potentially...
SUSE CVE-2023-53990
In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of lock protection when modifying a delayed close file list, which could lead to data contention...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990752 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...
EUVD-2022-55453
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-37952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: Fix UAF in closefiletableids A use-after-free is possible if one thread destroys the file via ksmbdclosefd while another thread holds a reference to it...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from post-release reuse in closefiletableids...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...
UBUNTU-CVE-2024-50187
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
PT-2024-40571 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several functions: chunk free object, file close file, and sclose. No...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...
Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor
...
golang: syscall: don't close fd 0 on ForkExec error
There's a flaw in golang's syscall.ForkExec interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked...
OSV-2021-1708 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42491 Crash type: UNKNOWN READ Crash state: chunkfreeobject pdficlosefile pdfidereference...
golang: syscall: don't close fd 0 on ForkExec error
There's a flaw in golang's syscall.ForkExec interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked...
SCADA DNP3 close file request
...