31 matches found
GHSA-W573-9FFJ-6FF9 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...
CVE-1999-0062
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage...
EUVD-1999-0062
Malware in sbrugna...
PT-2024-3054
Name of the Vulnerable Software and Affected Versions Jetty versions prior to 9.4.54 Jetty versions prior to 10.0.20 Jetty versions prior to 11.0.20 Jetty versions prior to 12.0.6 Description The issue is related to an HTTP/2 SSL connection that is established and TCP congested, which will be...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2020:4676)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4676 advisory. - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - qemu/qemudriver.c in libvirt before 6.0.0...
Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service
Summary A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an...
EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)
According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting informati...
Information Disclosure
libvirt is vulnerable to information disclosure. A file descriptor for /dev/mapper/control is leaked into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host...
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
openSUSE Security Update : openssh (openSUSE-2018-1477)
This update for openssh fixes the following issues : Following security issues have been fixed : - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully...
CVE-2018-9275
In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...
BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open fil...
Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9302/info Reportedly, the Apache modphp module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a legitimate server and...
Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache modperl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a...
xinetd security and bug fix update
2:2.3.14-19 - Correctly backport patches that fix the descriptor leakage - Related: 852274 -2:2.3.14-18 - Fix leaking file descriptors 852274 - Fix: Service disabled due to bind failure 811000 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port 788795...
socat security vulnerabilities
Buffer overflow, file descriptor leakage...
RedHat Update for libvirt RHSA-2013:0831-01
Check for the Version of libvirt OpenVAS Vulnerability Test RedHat Update for libvirt RHSA-2013:0831-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for libvirt CESA-2013:0831 centos6
Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0831 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS 6 : libvirt (CESA-2013:0831)
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...