110 matches found
fsnotify: do not generate ACCESS/MODIFY events on child for special files
...
CVE-2025-68788
An information disclosure flaw was found in the Linux kernel's fsnotify subsystem. When monitoring a parent directory like /dev, users could observe ACCESS and MODIFY events on special files such as /dev/null that they cannot directly read. This creates a side-channel that could potentially be us...
SUSE CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003451)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003451 advisory. Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service memory corruption...
AZL-74447 CVE-2025-68788 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
UBUNTU-CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788 fsnotify: do not generate ACCESS/MODIFY events on child for special files
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788 fsnotify: do not generate ACCESS/MODIFY events on child for special files
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...
CVE-2025-68788
CVE-2025-68788 is addressed in OSV:OESA-2026-1305, which reports a Linux kernel security update for the fsnotify subsystem. The fix aligns fsnotify behavior with file-attrib semantics by not generating ACCESS/MODIFY events for parent watchers when a read/write occurs on special files (e.g., /dev/...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from fsnotify generating ACCESS/MODIFY sub-events for special files, which could lead to information disclosure...
Linux Distros Unpatched Vulnerability : CVE-2025-68788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to even...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992910)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992910 advisory. In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992690)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992690 advisory. In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually...
CVE-2022-50705
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the taskwork for this request. That avoids valid...
SUSE CVE-2022-50705
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the taskwork for this request. That avoids valid...
Linux Distros Unpatched Vulnerability : CVE-2022-50705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to whe...