22 matches found
CVE-2026-11576
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...
Astra Linux - уязвимость в jackd2
In posix/JackSocket.cpp within the libjack library in JACK2 version 1.9.1 through 1.9.12 distributed with alsa-plugins 1.1.7 and later, there is an issue where “double file descriptor closes” occur during a failed connection attempt when jackd2 is not running. Successful exploitation depends on t...
CVE-2026-44601
A flaw was found in Tor. When the system experiences circuit queue memory pressure, a remote attacker could potentially trigger a double close of a circuit, leading to a client crash. This vulnerability can result in a Denial of Service DoS for affected Tor clients...
CVE-2026-44601
Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...
CVE-2026-44601
Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...
PT-2026-38336
Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.4.9.7 Description A client crash can occur when circuit queue memory pressure exists due to a double close of a circuit. Recommendations Update to version 0.4.9.7 or later...
JLSEC-2026-421 libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
Siemens SIMATIC and SCALANCE Multiple Releases of Same Resource or Handle (CVE-2025-0665)
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Linux Distros Unpatched Vulnerability : CVE-2019-13351
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 as distributed with alsa-plugins 1.1.7 and later has a double file descriptor close issue during a...
Security update for gnuplot
This update for gnuplot fixes the following issues: CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. CVE-2025-31181: double fclose call lead...
eventfd double close
...
Curl < 8.12.0 Double Close (CVE-2025-0665)
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...
[slackware-security] curl
New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.12.0-i586-1slack15.0.txz: Upgraded. This release fixes the following security issues: gzip integer overflow eventfd double close...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
ALPINE-CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
AZL-56692 CVE-2025-0665 affecting package curl for versions less than 8.11.1-3
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
DEBIAN-CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665 eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...