Security update for perl

This update for perl fixes the following issues: CVE-2025-40909: do not change the current directory when cloning an open directory handle bsc1244079 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

SUSE-SU-2025:02027-1 Security update for perl

This update for perl fixes the following issues: - CVE-2025-40909: Do not change the current directory when cloning an open directory handle bsc1244079...

Medium: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Important: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Important: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.7.20250609 to update your system. New Packages: aarch64: ...

Medium: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.7.20250609 or dnf update --advisory ALAS2023-2025-1007 --releasever 2023.7.20250609...

Medium: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Issue Correction: Run yum update perl or yum update --advisory ALAS-2025-1981 to update your system. New Packages: i686: ...

DEBIAN-CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU)

The removedirall crate is a Rust library that offers additional features over the Rust standard library fs::removedirall function. It was possible to trick a privileged process doing a recursive delete in an attacker controlled directory into deleting privileged files, on all operating systems. F...

Information Disclosure

samba is vulnerable to information disclosure. A missing permissions check on a directory handle requesting ChangeNotify meant that a client with a directory handle open only for FILEREADATTRIBUTES minimal access rights could be used to obtain change notify replies from the server. These replies...

Samba 3.6.x < 4.11.15 / 4.12.x < 4.12.9 / 4.13.x < 4.13.1 Multiple Vulnerabilities

The version of Samba running on the remote host is 3.6.x prior to 4.11.15, 4.12.x prior to 4.12.9, or 4.13.x prior to 4.13.1. It is, therefore, potentially affected by multiple vulnerabilities, including the following: - A null pointer dereference flaw was found in samba's Winbind service in...

Missing handle permissions check in SMB1/2/3

Description The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can request file name notification on a directory handle when a condition such as "new file creation" or "file size change" or "file timestamp update" occurs. A missing permissions check on a directory handle...