Lucene search
K

122 matches found

CNNVD
CNNVD
added 2025/05/01 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of eventfd errors, which could lead to a resource leak...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2025/04/21 5:17 a.m.13 views

K000150939: cURL vulnerability CVE-2025-0665

Security Advisory Description libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. CVE-2025-0665 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

7CVSS8.4AI score0.01253EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/03/13 7:0 a.m.4 views

eventfd double close

...

7CVSS8.6AI score0.01253EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.8 views

The vulnerability of the eventfd file descriptor in the libcurl library allows a attacker to execute arbitrary code or disclose protected information.

The vulnerability of the eventfd file descriptor in the libcurl library is related to multiple releases of the same resource or descriptor. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or disclose sensitive information...

10CVSS6.8AI score0.01253EPSS
Exploits1References6Affected Software3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-26812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but...

5.5CVSS6.4AI score0.0024EPSS
Exploits0References3
Redos
Redos
added 2025/02/26 12:0 a.m.80 views

ROS-20250226-14

A vulnerability in the gzipdowrite function of the zlib compression library of the cURL command-line utility is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the ASLR protection mechanism, execute arbitrary code, or cause a denia...

7.3CVSS7.4AI score0.01253EPSS
Exploits2
Redos
Redos
added 2025/02/26 12:0 a.m.6 views

ROS-20250226-34

A vulnerability in the gzipdowrite function of the zlib compression library of the cURL command-line utility is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the ASLR protection mechanism, execute arbitrary code, or cause a denia...

7.3CVSS7.4AI score0.01253EPSS
Exploits2
Veracode
Veracode
added 2025/02/10 10:37 a.m.11 views

Duplicate Operations On Resource

libcurl is vulnerable to Duplicate Operations on Resource. The vulnerability is due to improper handling of eventfd file descriptors due to closing the same descriptor twice after completing a threaded name resolution, which may lead to unexpected behavior or resource leaks...

9.8CVSS9.3AI score0.01253EPSS
Exploits1References9Affected Software2
SUSE CVE
SUSE CVE
added 2025/02/06 3:48 a.m.3 views

SUSE CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

6.5CVSS7AI score0.01253EPSS
Exploits1References5
Slackware Linux
Slackware Linux
added 2025/02/05 11:54 p.m.47 views

[slackware-security] curl

New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.12.0-i586-1slack15.0.txz: Upgraded. This release fixes the following security issues: gzip integer overflow eventfd double close...

9.8CVSS7.5AI score0.01253EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2025/02/05 10:15 a.m.2 views

CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

9.8CVSS5.8AI score0.01253EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/02/05 10:15 a.m.3 views

ALPINE-CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS7AI score0.01253EPSS
Exploits1References1
OSV
OSV
added 2025/02/05 10:15 a.m.0 views

DEBIAN-CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS8.2AI score0.01253EPSS
Exploits1References1
OSV
OSV
added 2025/02/05 10:15 a.m.4 views

AZL-56692 CVE-2025-0665 affecting package curl for versions less than 8.11.1-3

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS7.2AI score0.01253EPSS
Exploits1References1
NVD
NVD
added 2025/02/05 10:15 a.m.20 views

CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS0.01253EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/02/05 9:16 a.m.23 views

CVE-2025-0665 eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

9.4AI score0.01253EPSS
Exploits1References3
OSV
OSV
added 2025/02/05 9:16 a.m.15 views

CVE-2025-0665 eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS7.1AI score0.01253EPSS
Exploits1References8
CVE
CVE
added 2025/02/05 9:16 a.m.423 views

CVE-2025-0665

CVE-2025-0665 affects libcurl/curl. The issue is double-closing the same eventfd file descriptor when bringing down a connection channel after a threaded name resolve, leading to potential instability and misbehavior. Several sources note that this can allow a remote attacker to execute arbitrary...

7CVSS7AI score0.01253EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2025/02/05 9:16 a.m.17 views

CVE-2025-0665 eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

0.01253EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/02/05 9:16 a.m.16 views

CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS8.2AI score0.01253EPSS
Exploits1
Rows per page
Query Builder