7 matches found
UBUNTU-CVE-2026-23410
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference There is a race condition that leads to a use-after-free situation: because the rawdata inodes are not refcounted, an attacker can start opening one of the rawdata files, and at the same...
EUVD-2026-4573
The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-992911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992911 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svcxprtput on rpccreate failure On error situation...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992519)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992519 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svcxprtput on rpccreate failure On error situation...
CVE-2022-50401 nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svcxprtput on rpccreate failure On error situation clp-clcbconn.cbxprt should not be given a reference to the xprt otherwise both client cleanup and the error handling path of the caller call to pu...
CVE-2022-50401
In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svcxprtput on rpccreate failure On error situation clp-clcbconn.cbxprt should not be given a reference to the xprt otherwise both client cleanup and the error handling path of the caller call to pu...
SUSE CVE-2022-49826
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix double atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called, it will put the refcount of 'ap-host'. And then atahostput is called again, the...