7 matches found
CVE-2025-24104
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2025-31182
This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to delete files for which it does not have permission...
CVE-2022-49058 cifs: potential buffer overflow in handling symlinks
In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305glue.c:198 poly1305updatearch error: memcpy 'dctx-buf' too small 16 vs u32max It's caused because Smatch marks 'linklen' as...
GSD-2022-1001958 cifs: potential buffer overflow in handling symlinks
cifs: potential buffer overflow in handling symlinks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.112 by commit...
GSD-2022-1000977 cifs: potential buffer overflow in handling symlinks
cifs: potential buffer overflow in handling symlinks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit...
Design/Logic Flaw
issafe in the File::Temp module for Perl does not properly handle symlinks...
uninitialized buffer in midnight commander
Midnight Commander is using uninitialized buffer for handling symlinks in VFS tar, cpio. See vfs/direntry.c, handling of buf at vfssresolvesymlink. I wonder but it works almost properly ;- On linux-i386 I can reach stack buffer overflow using specially crafted archive. Open...