496 matches found
PT-2022-34609 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: A potential issue exists in the Linux Kernel, related to a dentry leak in update sched domain debugfs. The actual impact and attack plausibility have not yet been proven. Recommendations: Fo...
kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system...
PT-2024-11315 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 20798dfe249a Description: A NULL dereference vulnerability has been resolved in the Linux kernel. The issue occurs in the nfsd component, specifically in the nfs3svc encode getaclres function, where the dentry m...
GSD-2021-1000157 ovl: fix leaked dentry
ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit 71d58457a8afc650da5d3292a7f7029317654d95, it was...
UVI-2021-1000161 ovl: fix leaked dentry
ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.35 by commit 71d58457a8afc650da5d3292a7f7029317654d95, it was...
GSD-2021-1000088 ovl: fix leaked dentry
ovl: fix leaked dentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.2 by commit d587cfaef72b1b6f4b2774827123bce91f497cc8, it was...
PT-2024-11150 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the btrfs file system in the Linux kernel. When an inode is moved from one directory to another and both the inode and its previous parent directory wer...
PT-2024-11081 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc5 Description: The issue arises from the overlayfs not putting temporary dentry when there is a metacopy error, leading to dentry leaks when shutting down the related superblock. This results in busy...
USN-4426-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. CVE-2019-20908 Fan Yang...
PT-2020-12933 · None +2 · Aufs +2
Name of the Vulnerable Software and Affected Versions: aufs affected versions not specified Description: A local attacker could exploit the improper management of inode reference counts in the vfsub dentry open method to cause a denial of service attack. Recommendations: At the moment, there is n...
Oracle Linux 7 : kernel (ELSA-2017-2473)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2473 advisory. - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 Tenable has extracted the preceding description block directly from the Oracle Linux...
kernel security and bug fix update
3.10.0-693.1.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.1.1 - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 -...
DEBIAN-CVE-2015-8953
fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...
CVE-2015-8953
fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...
UBUNTU-CVE-2015-8953
fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...
kernel: overlayfs: missing upper dentry verification before unlink and rename
It was found that the unlink and rename functionality in overlayfs did not verify the upper dentry for staleness. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to panic or crash the system...
kernel: overlayfs: missing upper dentry verification before unlink and rename
It was found that the unlink and rename functionality in overlayfs did not verify the upper dentry for staleness. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to panic or crash the system...
CVE-2016-5340
The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...
CVE-2016-5340
The isashmemfile function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center QuIC Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem...