165 matches found
EUVD-2024-53843
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size. CVE-2025-38707 Note that Nessus relies on...
SUSE CVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
DEBIAN-CVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
AZL-66845 CVE-2025-38707 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
UBUNTU-CVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38707 fs/ntfs3: Add sanity check for file name
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38707 fs/ntfs3: Add sanity check for file name
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size...
CVE-2025-38707
CVE-2025-38707 is a Linux-kernel NTFS3 file-name sanity-check vulnerability. The issue arises from a too-long file name not being validated against the directory-entry size, potentially enabling local escalation when processing NTFS names. The CVE entry in the initial doc shows a HIGH impact with...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
Linux Distros Unpatched Vulnerability : CVE-2022-49879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix BUGON when directory entry has invalid reclen The reclen field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be...
Linux Distros Unpatched Vulnerability : CVE-2023-52444
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link1: f2fsrename ... if olddir !=...
Linux Distros Unpatched Vulnerability : CVE-2024-42104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem...
smb: client: Fix use-after-free in cifs_fill_dirent
...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
DEBIAN-CVE-2025-38051
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...
AZL-64061 CVE-2025-38051 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...