30 matches found
GHSA-7C37-GX6W-8VC5 gitsign --verify panics on empty-certificate PKCS7 and exits 0, bypassing exit-code callers
Summary CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with an empty certificate set is a structurally valid DER payload; GetCertificates returns an empty slice with no error,...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The flow rule object is released from the commit path. There is no need to delay this process until the commit release path, as no packets traverse this object at all. It is accessed only from the control...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
EUVD-2026-24788
In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...
CVE-2026-31450
In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...
CVE-2026-31450 ext4: publish jinode after initialization
In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...
CVE-2026-32977
CVE-2026-32977 : OpenClaw before 2026.3.11 contains a sandbox boundary bypass in the fs-bridge writeFile commit step that uses an unanchored container path during the final move. A time-of-check–time-of-use race allows an attacker to modify parent paths inside the sandbox to redirect committed fi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990370)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990370 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989318)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989318 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987630)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987630 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986752 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the...
AZL-71903 CVE-2023-53348 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...
CVE-2023-53348 btrfs: fix deadlock when aborting transaction during relocation with scrub
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...
DEBIAN-CVE-2022-49919
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
SUSE CVE-2022-49358
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
DEBIAN-CVE-2022-49358
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
UBUNTU-CVE-2022-49358
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
CVE-2022-49358 netfilter: nf_tables: memleak flow rule from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...