PT-2024-6393 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the handling of cached open files in the nfsd4 open codepath. It's racy, as a newly-created nfsd file can end up with its PENDING bit cleared while the nf is...

CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

DEBIAN-CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

Privilege escalation

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

kernel: io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd()

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: Fix NULL pointer dereference in iomsgsendfd Syzkaller produced the below call trace: BUG: KASAN: null-ptr-deref in iomsgring+0x3cb/0x9f0 Write of size 8 at addr 0000000000000070 by task repro/16399 CPU: 0 PID:...

kernel: tools/power turbostat: Fix file pointer leak

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck:...

kernel: tools/power turbostat: Fix file pointer leak

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck:...

PT-2025-26115 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A file pointer leak has been identified in the Linux kernel, specifically in the tools/power turbostat component. This issue occurs when a fscanf fails, leading to an early return that...

SUSE CVE-2015-5589

The pharconverttoother function in ext/phar/pharobject.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other...

PT-2022-11597 · Unknown · Chbrown Rfc6902

Name of the Vulnerable Software and Affected Versions: chbrown rfc6902 affected versions not specified Description: A problematic vulnerability has been found in chbrown rfc6902, affecting an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of obje...

GSD-2022-1005309 tools/power turbostat: Fix file pointer leak

tools/power turbostat: Fix file pointer leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...

PT-2022-33567 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v5.19.1 Description: A file pointer leak was discovered in the power turbostat tool. The issue was introduced in version v5.19 and is fixed in version v5.19.2. The actual impact and attack plausibility have...

CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape, which arises when the product does not validate the validity of a pointer when parsing a project file, and...

Pixar OpenUSD binary file format offset seek information leak vulnerability

Summary An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used...

Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN

This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...

Null pointer dereference

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file...