39 matches found
Astra Linux - уязвимость в linux-5.15, linux-6.1
A flaw was discovered in the filelockinit function in the fs/locks.c file within the Linux kernel. This issue can lead to host memory exhaustion, as memcg does not limit the number of POSIX file locks that can be created...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007332 advisory. A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number o...
SUSE CVE-2026-20897
Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories...
EUVD-2022-15618
Malicious code in bioql PyPI...
A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.
...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from file locks not being handled correctly in the ivpumscleanup function, which could lead to a deadlock...
Linux Distros Unpatched Vulnerability : CVE-2024-41012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LS...
kernel: filelock: Remove locks reliably when fcntl/close race is detected
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
CVE-2024-41012
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
CVE-2024-41012 filelock: Remove locks reliably when fcntl/close race is detected
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call CVE-2021-4440 In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu CVE-2021-47402 A flaw was found in the...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. 'Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
RHEL 9 : kernel-rt (RHSA-2024:1303)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1303 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...