122 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of eventfd errors, which could lead to a resource leak...
K000150939: cURL vulnerability CVE-2025-0665
Security Advisory Description libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. CVE-2025-0665 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
eventfd double close
...
The vulnerability of the eventfd file descriptor in the libcurl library allows a attacker to execute arbitrary code or disclose protected information.
The vulnerability of the eventfd file descriptor in the libcurl library is related to multiple releases of the same resource or descriptor. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or disclose sensitive information...
Linux Distros Unpatched Vulnerability : CVE-2024-26812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but...
ROS-20250226-14
A vulnerability in the gzipdowrite function of the zlib compression library of the cURL command-line utility is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the ASLR protection mechanism, execute arbitrary code, or cause a denia...
ROS-20250226-34
A vulnerability in the gzipdowrite function of the zlib compression library of the cURL command-line utility is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the ASLR protection mechanism, execute arbitrary code, or cause a denia...
Duplicate Operations On Resource
libcurl is vulnerable to Duplicate Operations on Resource. The vulnerability is due to improper handling of eventfd file descriptors due to closing the same descriptor twice after completing a threaded name resolution, which may lead to unexpected behavior or resource leaks...
SUSE CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
[slackware-security] curl
New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.12.0-i586-1slack15.0.txz: Upgraded. This release fixes the following security issues: gzip integer overflow eventfd double close...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
ALPINE-CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
DEBIAN-CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
AZL-56692 CVE-2025-0665 affecting package curl for versions less than 8.11.1-3
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665 eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665 eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
CVE-2025-0665 affects libcurl/curl. The issue is double-closing the same eventfd file descriptor when bringing down a connection channel after a threaded name resolve, leading to potential instability and misbehavior. Several sources note that this can allow a remote attacker to execute arbitrary...
CVE-2025-0665 eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...