67 matches found

RedHat Linux
added 2026/06/09 11:18 a.m., 5 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 7, EPSS 0.00292
Exploits 0, References 8

RedHat Linux
added 2026/06/02 11:22 a.m., 9 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 5.7, EPSS 0.00292
Exploits 0, References 8

RedHat Linux
added 2026/05/19 9:51 p.m., 7 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 7.2, EPSS 0.00292
Exploits 0, References 8

RedHat Linux
added 2026/05/18 9:25 a.m., 8 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 7.2, EPSS 0.00292
Exploits 0, References 8

RedHat Linux
added 2026/05/18 9:0 a.m., 11 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 7.2, EPSS 0.00292
Exploits 0, References 8

EUVD
added 2025/12/16 3:30 p.m., 3 views

EUVD-2025-203731

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

AI score 6, EPSS 0.00199
Exploits 0, References 4

OSV
added 2025/10/24 11:3 a.m., 2 views

SUSE-SU-2025:20890-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: - CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384) - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794) - CVE-2025-38206: exfat: fix double free in...

CVSS 7.8, AI score 6.6, EPSS 0.00528
Exploits 1, References 21

OSV
added 2025/10/24 10:10 a.m., 2 views

SUSE-SU-2025:20913-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794) - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075) - CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretm...

CVSS 7.8, AI score 5.8, EPSS 0.00528
Exploits 1, References 19

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-5597

Malicious code in bioql PyPI...

CVSS 7.8, AI score 6.6, EPSS 0.00371
Exploits 0, References 4

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-15618

Malicious code in bioql PyPI...

CVSS 5.5, AI score 7, EPSS 0.00275
Exploits 0, References 7

Amazon
added 2025/09/29 12:0 a.m., 6 views

Important: kernel-livepatch-5.10.240-238.959

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527) In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal (CVE-2025-39677) In the...

CVSS 7.8, AI score 6.7, EPSS 0.00181
Exploits 0

CVE
added 2025/07/29 5:6 a.m., 17 views

CVE-2025-53081

Samsung DMS (Data Management Server) exposes CVE-2025-53081: an Arbitrary File Creation vulnerability that can let an attacker create arbitrary files in unintended filesystem locations. Exploitation is restricted to specific, authorized private IP addresses (internal exposure). The issue is repor...

CVSS 9.1, AI score 6.6, EPSS 0.0037
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2025/07/19 12:0 a.m., 6 views

Azure Linux 3.0 Security Update: python3 (CVE-2025-4517)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4517 advisory. - Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You...

CVSS 9.4, AI score 7.2, EPSS 0.01184
Exploits 11, References 2

Microsoft CVE
added 2025/07/11 7:0 a.m., 6 views

jfs: Prevent copying of nlink with value 0 from disk inode

...

CVSS 5.5, AI score 7.4, EPSS 0.00123
Exploits 0

RedhatCVE
added 2025/05/23 6:34 a.m., 6 views

CVE-2024-21151

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successfu...

CVSS 3.3, AI score 5.6, EPSS 0.00197
Exploits 0, References 1

Debian CVE
added 2025/05/01 1:7 p.m., 10 views

CVE-2025-37773

In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...

CVSS 5.5, AI score 5.6, EPSS 0.00157
Exploits 0

RedhatCVE
added 2025/04/17 9:20 p.m., 11 views

CVE-2025-30690

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

CVSS 7.2, AI score 6.4, EPSS 0.00174
Exploits 0, References 1

Cvelist
added 2025/04/16 2:12 p.m., 15 views

CVE-2025-22114 btrfs: don't clobber ret in btrfs_validate_super()

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfs_validate_super() Commit 2a9bb78cfd36 ("btrfs: validate system chunk array at btrfs_validate_super()") introduces a call to validate_sys_chunk_array() in btrfs_validate_super(), which clobbers the value of ret set...

EPSS 0.0014
Exploits 0, References 2

BDU FSTEC
added 2025/04/14 12:0 a.m., 1 views

The vulnerability of the smb2_send_interim_resp() function in the fs/ksmbd/smb2pdu.c module of the Linux file system support module allows an attacker to compromise the integrity of protected information or cause service failures.

The vulnerability of the smb2_send_interim_resp() function in the fs/ksmbd/smb2pdu.c module of the Linux file system support module is related to the use of the NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the integrity of protected information or cause service...

CVSS 7.1, AI score 6.6, EPSS 0.00196
Exploits 0, References 20, Affected Software 6

Tenable Nessus
added 2025/03/05 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-46695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security...

CVSS 4.4, AI score 6.9, EPSS 0.0022
Exploits 0, References 3