21 matches found
CVE-2023-43521
Memory corruption when multiple listeners are being registered with the same file descriptor...
EUVD-2004-2207
Malware in sbrugna...
EUVD-2013-1887
Malware in sbrugna...
EUVD-2021-12266
Malware in sbrugna...
EUVD-2007-0395
Malware in sbrugna...
EUVD-2012-5978
Malware in sbrugna...
EUVD-2005-2526
Malware in sbrugna...
EUVD-2002-1845
Malware in sbrugna...
EUVD-2011-4259
Malware in sbrugna...
EUVD-2022-26728
Malicious code in bioql PyPI...
CVE-2019-13351
posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 as distributed with alsa-plugins 1.1.7 and later has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which...
CVE-2022-21504
The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket...
SUSE-SU-2022:0363-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195254. - CVE-2022-0330: Fixed flush TLBs befo...
CVE-2022-24448
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the ODIRECTORY flag, and tries to open a regular file, nfsatomicopen performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in...
Samsung SMR has an unspecified vulnerability
Samsung SMR is a system firmware from Samsung South Korea. It provides storage for system applications. A security vulnerability exists in SMR Mar-2021 Release 1, which stems from the fact that an incorrect implementation handles file descriptors that can lead to memory corruption, resulting in...
CVE-2004-2215
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...
CVE-2004-1270
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...
CVE-2002-1372
Common Unix Printing System CUPS 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service resource exhaustion by causing file descriptors to be assigned and not released, as demonstrated...
Xinetd 2.3.10 Memory Leaks
BACKGROUND ----------- Xinetd is a popular inetd replacement. Shortly after the 2.3.9 release in September 2002, it was realized that xinetd was leaking file descriptors. That problem turned out to be that file descriptors were not always being closed whenever a connection was rejected. 2.3.10 wa...
simpleinit root exploit - file descriptor left open
Background ---------- Simpleinit is an init program for Linux systems. It is included in the util-linux distribution. More information about simpleinit is available at http://www.atnf.csiro.au/people/rgooch/linux/boot-scripts/. Problem ------- Simpleinit leaves a file descriptor open in some chil...