Lucene search
K

496 matches found

Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.2 views

PT-2022-34609 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: A potential issue exists in the Linux Kernel, related to a dentry leak in update sched domain debugfs. The actual impact and attack plausibility have not yet been proven. Recommendations: Fo...

7.2AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/12/21 9:47 a.m.3 views

kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()

A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...

4.7CVSS6.7AI score0.00213EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/21 9:33 a.m.7 views

kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()

A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...

4.7CVSS6.7AI score0.00213EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/07/06 12:0 a.m.10 views

PT-2024-11315 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 20798dfe249a Description: A NULL dereference vulnerability has been resolved in the Linux kernel. The issue occurs in the nfsd component, specifically in the nfs3svc encode getaclres function, where the dentry m...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References15
OSV
OSV
added 2021/05/31 3:39 p.m.12 views

GSD-2021-1000157 ovl: fix leaked dentry

ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit 71d58457a8afc650da5d3292a7f7029317654d95, it was...

7.2AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.7 views

UVI-2021-1000161 ovl: fix leaked dentry

ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit 71d58457a8afc650da5d3292a7f7029317654d95, it was...

7.2AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.10 views

GSD-2021-1000088 ovl: fix leaked dentry

ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.2 by commit d587cfaef72b1b6f4b2774827123bce91f497cc8, it was...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.5 views

PT-2024-11150 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the btrfs file system in the Linux kernel. When an inode is moved from one directory to another and both the inode and its previous parent directory wer...

5.5CVSS6.5AI score0.00193EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2021/04/12 12:0 a.m.6 views

PT-2024-11081 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc5 Description: The issue arises from the overlayfs not putting temporary dentry when there is a metacopy error, leading to dentry leaks when shutting down the related superblock. This results in busy...

9.1CVSS6.7AI score0.01401EPSS
Exploits1References393
OSV
OSV
added 2020/07/27 10:46 p.m.7 views

USN-4426-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. CVE-2019-20908 Fan Yang...

7.8CVSS7AI score0.01314EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2020/04/15 12:0 a.m.5 views

PT-2020-12933 · None +2 · Aufs +2

Name of the Vulnerable Software and Affected Versions: aufs affected versions not specified Description: A local attacker could exploit the improper management of inode reference counts in the vfsub dentry open method to cause a denial of service attack. Recommendations: At the moment, there is n...

7.8CVSS7.2AI score0.01841EPSS
Exploits5References80
Tenable Nessus
Tenable Nessus
added 2017/08/16 12:0 a.m.30 views

Oracle Linux 7 : kernel (ELSA-2017-2473)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2473 advisory. - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 Tenable has extracted the preceding description block directly from the Oracle Linux...

7CVSS6.7AI score0.01223EPSS
Exploits3References2
Oracle linux
Oracle linux
added 2017/08/15 12:0 a.m.69 views

kernel security and bug fix update

3.10.0-693.1.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.1.1 - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 -...

7CVSS1.9AI score0.01223EPSS
Exploits3
OSV
OSV
added 2016/10/16 9:59 p.m.1 views

DEBIAN-CVE-2015-8953

fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...

5.5CVSS7.2AI score0.00543EPSS
Exploits1References1
OSV
OSV
added 2016/10/16 9:59 p.m.8 views

CVE-2015-8953

fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...

5.5CVSS6.5AI score
Exploits0References10
OSV
OSV
added 2016/10/16 9:59 p.m.5 views

UBUNTU-CVE-2015-8953

fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...

5.5CVSS6.8AI score0.00543EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2016/09/15 7:39 a.m.6 views

kernel: overlayfs: missing upper dentry verification before unlink and rename

It was found that the unlink and rename functionality in overlayfs did not verify the upper dentry for staleness. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to panic or crash the system...

5.5CVSS7.1AI score0.00486EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/09/15 7:38 a.m.4 views

kernel: overlayfs: missing upper dentry verification before unlink and rename

It was found that the unlink and rename functionality in overlayfs did not verify the upper dentry for staleness. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to panic or crash the system...

5.5CVSS7.1AI score0.00486EPSS
Exploits0References4
android
android
added 2016/09/01 12:0 a.m.56 views

CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

7.2CVSS5.6AI score0.00303EPSS
Exploits0References3
OSV
OSV
added 2016/08/07 9:59 p.m.3 views

CVE-2016-5340

The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...

7.8CVSS6.9AI score0.00303EPSS
Exploits0References5
Rows per page
Query Builder