CVE-2022-49914 btrfs: fix inode list leak during backref walking at resolve_indirect_refs()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolveindirectrefs During backref walking, at resolveindirectrefs, if we get an error we jump to the 'out' label and call ulistfree on the 'parents' ulist, which frees all the...

CVE-2022-49914 btrfs: fix inode list leak during backref walking at resolve_indirect_refs()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolveindirectrefs During backref walking, at resolveindirectrefs, if we get an error we jump to the 'out' label and call ulistfree on the 'parents' ulist, which frees all the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a leak in the inode list in the btrfs resolveindirectrefs error path, which could lead to a memory leak...

U.S. Dept Of Defense: IDOR leaking PII data via VendorId parameter

Description: Dear DoD, I found one bug on your domain from Hack US program: █████ It's IDOR bug. Make sure to know that I didn't test many funcs here for IDOR. I didn't test for ATO Account Takeover. But you should fix this. Here's the PoC: ██████████ Thank you DoD! Impact An attacker could steal...