26 matches found
EUVD-2025-12999
Malicious code in bioql PyPI...
EUVD-2024-21863
Malicious code in bioql PyPI...
CVE-2024-24444
Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS by repeatedly establishing SCTP connections with the N2 interface...
PT-2025-18484 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the 9p protocol and file descriptor handling. Specifically, when the file descriptor refers to a pipe, th...
CVE-2024-43066
Memory corruption while handling file descriptor during listener registration/de-registration...
CVE-2024-43066
CVE-2024-43066 describes a memory corruption condition that occurs when processing file descriptors during listener registration or de-registration. Multiple connected sources attribute this to Qualcomm components (including bootloader and kernel or Qualcomm closed-source components) and to Qualc...
PT-2025-15190 · Qualcomm · Qualcomm Snapdragon Auto
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Description: The issue is related to memory corruption that occurs while handling file descriptors during listener registration or de-registration. Recommendations: At the moment, there...
CVE-2024-24444
Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS by repeatedly establishing SCTP connections with the N2 interface...
CVE-2024-24444
OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 is affected by CVE-2024-24444 due to improper file descriptor handling for closed connections. An attacker can cause a Denial of Service by repeatedly establishing SCTP connections with the N2 interface. Impact: high availability risk; attack ...
CVE-2022-48801
In the Linux kernel, the following vulnerability has been resolved: iio: buffer: Fix file related error handling in IIOBUFFERGETFDIOCTL If we fail to copy the just created file descriptor to userland, we try to clean up by putting back 'fd' and freeing 'ib'. The code uses putunusedfd for the form...
The vulnerability in the set of VMware Tools relates to improper privilege assignment, allowing a malicious actor to circumvent existing security restrictions.
The vulnerability of the VMware Tools set is related to the vulnerability of handling the file descriptor in the vmware-user-suid-wrapper layer. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
USN-6619-1 runc vulnerability
Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions...
vmwgfx Driver File Descriptor Handling Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...
USN-5704-1 dbus vulnerabilities
It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2022-22942 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor...
USN-5304-1 policykit-1 vulnerability
Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service...
MGASA-2021-0587 Updated golang packages fix security vulnerability
net/http: limit growth of header canonicalization cache CVE-2021-44716 syscall: don't close fd 0 on ForkExec error CVE-2021-44717...
The vulnerability of the runc command, a tool for starting isolated containers, is related to errors in processing file descriptors. This vulnerability allows an attacker to execute arbitrary code.
The vulnerability of the runc command, used to execute isolated containers, is related to errors in processing file descriptors. Exploiting this vulnerability allows an attacker to execute arbitrary code...
runc: Execution of malicious containers allows for container escape and access to host filesystem
A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system...
Malicious Container Execution
github.com/opencontainers/runc is vulnerable to Malicious Container Execution. It does not properly perform the file-descriptor handling which allows a malicious user to overwrite the host runc binary and subsequently executing containers such as 1 a new container with an attacker-controlled imag...