Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allows exposure of file descriptors to an unintended control sphere, because rdainterpret uses a privileged pipe without the closeonexec flag...

CVE-2025-68814 io_uring: fix filename leak in __io_openat_prep()

In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...

HSEC-2025-0006 Private key leak via inherited file descriptor

Private key leak via inherited file descriptor The X.509 key reading function readKeyFile opened a file descriptor to the private key without setting the close-on-exec flag. If a child process is execed at the same time, it would inherit that file descriptor and could read the private key materia...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

SUSE CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

SUSE CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rdainterpret uses a privileged pipe that lacks a close-on-exec flag...

DEBIAN-CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rdainterpret uses a privileged pipe that lacks a close-on-exec flag...

Privilege Escalation

exim4 is vulnerable to privilege escalation. The vulnerability exists when allowfilter is true, using a missing close-on-exec flag for a privileged pipe...

CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rdainterpret uses a privileged pipe that lacks a close-on-exec flag...

UBUNTU-CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rdainterpret uses a privileged pipe that lacks a close-on-exec flag...

UBUNTU-CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...