Lucene search
K

112 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 11:34 a.m.10 views

CVE-2026-52990

A flaw was found in the Linux kernel. A local attacker could exploit a race condition in the fsnotifyrecalcmask function, which fails to properly handle an inode reference. This improper handling can lead to an inode reference leak, causing tasks to hang and resulting in a Denial of Service DoS f...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-52990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode...

6AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38858

In the Linux kernel, the following vulnerability has been resolved: fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode pointer that needs to be released via fsnotifydropobject when the...

5.7AI score0.00175EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52990

In the Linux kernel, the following vulnerability has been resolved: fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode pointer that needs to be released via fsnotifydropobject when the...

0.00175EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-52990

CVE-2026-52990 involves the Linux kernel fsnotify subsystem. The bug stems from fsnotify_recalc_mask() returning an inode pointer without releasing it when the connector’s HAS_IREF flag transitions from true to false, leaving an iref leak that can cause a hung task (example trace includes unmount...

5.7AI score0.00175EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: fsnotify: Do not generate ACCESS/MODIFY events for special files in child processes. inotify/fanotify: Do not allow users who have no read access to a file to subscribe to events like INACCESS/INMODIFY. However, users can stil...

6AI score0.00173EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51884

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An inode reference leak exists in the fsnotify subsystem. The function fsnotify recalc mask fails to handle the return value of fsnotify recalc mask, which may return an inode pointer th...

6AI score0.00175EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/05/28 6:37 p.m.13 views

CVE-2026-46150

A flaw was found in the Linux kernel's fanotify subsystem. This vulnerability allows for a bypass of permission checks because the fsnotifygetmarksafe function may incorrectly return false for marks on unrelated groups. This could enable an attacker to perform unauthorized actions by circumventin...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:36 a.m.40 views

CVE-2026-46150

The CVE-2026-46150 issue affects the Linux kernel fanotify subsystem. It arises because fsnotify_get_mark_safe() may return false for a mark in an unrelated group, bypassing the permission check. The fix patches the logic to skip detached marks that are not in the current group, mitigating the by...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/28 9:36 a.m.15 views

EUVD-2026-32777

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

5.8AI score0.00142EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:8 a.m.9 views

inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.8 views

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.7AI score0.00123EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.43 views

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

0.00123EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/27 12:56 p.m.10 views

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the fsnotifyadd inodemarklocked function in inotifynewwatch, where the monitoring...

5.8AI score0.00123EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46040

inotify: fix watch count leak when fsnotifyaddinodemarklocked fails...

5.8AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A watch count leak occurs in the inotify system when the fsnotify add inode mark locked function fails within inotify new watch. In this scenario, the error path executes inotify remove...

5.5CVSS5.9AI score0.00123EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/rw: Defer fsnotify calls to task context. We cannot defer these calls outside of the kiocb completion, as that might be off-soft/hard IRQ context. We should defer the calls until we process the taskwork for this reques...

5.8AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Clearing PARENTWATCHED flags lazily In some setups, directories can have many usually negative entries. Therefore, the fsnotifyupdatechilddentryflags function can take a significant amount of time. Since most of this...

4.7CVSS6.4AI score0.00159EPSS
Exploits0References2
Rows per page
Query Builder