7 matches found
GHSA-C3WQ-J5VH-68RC Hugo: Symlink confinement bypass in os.ReadFile
Affected versions: v0.123.0 through v0.163.0. Earlier versions are not affected. Fixed in: v0.163.1. Severity: Medium. Requires the attacker to be able to place or convince a site author to place a symlink inside a mounted directory — for example, inside a locally-vendored theme under themes/...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-409061)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-409061 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ceph: The incorrect reference check of Fw was removed when marking pages as dirty. When performing direct IO reads, the system will also attempt to mark pages as dirty. However, for the read path, it does not hold the Fw caps, an...
AZL-53799 CVE-2024-50179 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference...
DEBIAN-CVE-2024-50179
In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference...
CVE-2024-50179 ceph: remove the incorrect Fw reference check when dirtying pages
In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference...
DEBIAN-CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...