Lucene search
K

59 matches found

nvd
nvd
added 2025/09/15 2:15 p.m.19 views

CVE-2023-53172

In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FSIOCENABLEVERITY on mode 3 fds Commit 56124d6c87fd "fsverity: support enabling with tree block size fmode & FMODEREAD' in kernelread became reachable by fuzz tests. This happens if FSIOCENABLEVERITY is called on...

5.5CVSS0.00128EPSS
Exploits0References2
osv
osv
added 2025/09/15 2:15 p.m.5 views

DEBIAN-CVE-2023-53172

In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FSIOCENABLEVERITY on mode 3 fds Commit 56124d6c87fd "fsverity: support enabling with tree block size fmode & FMODEREAD' in kernelread became reachable by fuzz tests. This happens if FSIOCENABLEVERITY is called on...

5.5CVSS5.4AI score0.00128EPSS
Exploits0References1
osv
osv
added 2025/09/15 2:4 p.m.7 views

CVE-2023-53172 fsverity: reject FS_IOC_ENABLE_VERITY on mode 3 fds

In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FSIOCENABLEVERITY on mode 3 fds Commit 56124d6c87fd "fsverity: support enabling with tree block size fmode & FMODEREAD' in kernelread became reachable by fuzz tests. This happens if FSIOCENABLEVERITY is called on...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References5
cvelist
cvelist
added 2025/09/15 2:4 p.m.10 views

CVE-2023-53172 fsverity: reject FS_IOC_ENABLE_VERITY on mode 3 fds

In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FSIOCENABLEVERITY on mode 3 fds Commit 56124d6c87fd "fsverity: support enabling with tree block size fmode & FMODEREAD' in kernelread became reachable by fuzz tests. This happens if FSIOCENABLEVERITY is called on...

0.00128EPSS
Exploits0References2
cve
cve
added 2025/09/15 2:4 p.m.24 views

CVE-2023-53172

CVE-2023-53172 concerns the Linux kernel fsverity feature. A change to FS_IOC_ENABLE_VERITY made it read data via __kernel_read() instead of direct pagecache, which made the WARN_ON_ONCE path reachable when the FD was opened with ioctl-only mode (mode 3). The fix is to reject FS_IOC_ENABLE_VERITY...

5.5CVSS6AI score0.00128EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2025/07/07 12:0 a.m.2 views

Frauscher Sensortechnik多款产品 操作系统命令注入漏洞

Frauscher Sensortechnik FDS102 and others are a diagnostic system device from Frauscher. An operating system command injection vulnerability exists in various Frauscher Sensortechnik products, which stems from improper neutralization of special elements when loading a configuration file from a US...

6.8CVSS7.3AI score0.0078EPSS
Exploits0References2
susecve
susecve
added 2024/08/18 2:2 a.m.11 views

SUSE CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.3CVSS6.5AI score0.00281EPSS
Exploits0References24
ossf
ossf
added 2024/06/25 12:21 p.m.1 views

Malicious code in @nobixe9651/ng-fds (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
osv
osv
added 2024/06/25 12:21 p.m.4 views

MAL-2024-2754 Malicious code in @nobixe9651/ng-fds (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
cnnvd
cnnvd
added 2024/06/05 12:0 a.m.5 views

ABB KNX Information Disclosure Vulnerability

ABB KNX is a smart home and building automation system from ABB Switzerland. An information disclosure vulnerability exists in ABB KNX that stems from the presence of an FDSK leakage issue, which would allow an attacker to gain control by accessing the local KNX bus system...

9.6CVSS6.2AI score0.00274EPSS
Exploits0References2
osv
osv
added 2024/05/24 3:15 p.m.0 views

DEBIAN-CVE-2021-47505

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References1
susecve
susecve
added 2024/05/14 3:34 a.m.3 views

SUSE CVE-2023-52656

In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...

7.8CVSS6.5AI score0.00296EPSS
Exploits0References13
cvelist
cvelist
added 2024/05/13 1:12 p.m.14 views

CVE-2023-52656 io_uring: drop any code related to SCM_RIGHTS

In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...

7AI score0.00296EPSS
Exploits0References7
mscve
mscve
added 2024/02/28 8:0 a.m.52 views

GitHub: CVE-2024-21626 Container breakout through process.cwd trickery and leaked fds

...

8.6CVSS7.1AI score0.18087EPSS
Exploits18
osv
osv
added 2023/06/08 9:15 p.m.7 views

AZL-27112 CVE-2023-29403 affecting package golang for versions less than 1.20.7-1

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

7.8CVSS6.8AI score0.00432EPSS
Exploits0References1
snyk
snyk
added 2023/03/01 8:18 a.m.1 views

Malicious Package

Overview @nobixe9651/ng-fds is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...

9.8CVSS7.1AI score
Exploits0References3
ptsecurity
ptsecurity
added 2022/12/08 12:0 a.m.3 views

PT-2022-36381 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: The issue is related to the 9p/trans fd functionality, where it does not always use O NONBLOCK for read/write operations. The actual impact and potential for attack have not been proven yet...

7.2AI score
Exploits0References1
nvd
nvd
added 2022/08/29 3:15 p.m.16 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS0.00283EPSS
Exploits0References5
ossf
ossf
added 2022/06/20 9:13 p.m.3 views

Malicious code in fds-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 634a323d44eed8a0b732457cafcc0b0a9617eeed8b934cbbf542cb02e3ca2f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2022/06/17 11:3 a.m.2 views

OESA-2022-1713 dpdk security update

DPDK core includes kernel modules, core libraries and tools. testpmd application allows to test fast packet processing environments on arm64 platforms. For instance, it can be used to check that environment can support fast path applications such as 6WINDGate, pktgen, rumptcpip, etc. More librari...

7.5CVSS6.8AI score0.01259EPSS
Exploits0References3
Rows per page
Query Builder