7 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Added an increment to the count field in struct tripstats, which represents the number of times the zone’s temperature exceeded the trip point. This increment must be performed in thermaldebugtztripup, for two...
GHSA-PJ6Q-4VQ4-R8CG Ech0 allows PUT /api/echo/like/:id unauthenticated: anonymous callers to modify any echo's fav_count
Summary PUT /api/echo/like/:id at internal/router/echo.go:12 is registered on PublicRouterGroup with no authentication and no rate limit. Anonymous callers increment the favcount counter on any echo including private echoes by UUID, repeat the request without deduplication, and trigger a database...
kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy
In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...
CVE-2025-22072
CVE-2025-22072 describes a Linux kernel flaw in the spufs subsystem related to gang directory lifetimes. The root cause involved improper handling of gang directories: on close, dentry pinning was broken and rmdir on close was removed, causing leaks when a gang context remained alive after the ga...
CVE-2022-49753 dmaengine: Fix double increment of client_count in dma_chan_get()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fix double increment of clientcount in dmachanget The first time dmachanget is called for a channel the channel clientcount is incorrectly incremented twice for public channels, first in balancerefcount, and again prio...
CVE-2024-27006
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Add missing count increment to thermaldebugtztripup The count field in struct tripstats, representing the number of times the zone temperature was above the trip point, needs to be incremented in...
CVE-2024-27006
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Add missing count increment to thermaldebugtztripup The count field in struct tripstats, representing the number of times the zone temperature was above the trip point, needs to be incremented in...