1179 matches found
inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails
...
CVE-2026-9798
A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...
Authentication Bypass by Primary Weakness
Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the Client-Initiated Backchannel Authentication CIBA flow. An...
UBUNTU-CVE-2026-46049
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...
CVE-2026-46049
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...
CVE-2026-46040
CVE-2026-46040: In the Linux kernel inotify path, when fsnotify_add_inode_mark_locked() fails during inotify_new_watch(), the error path did not call dec_inotify_watches(), leaking a watch count and potentially exhausting max_user_watches (-ENOSPC) even with no active watches. The fix introduces ...
CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails
In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...
CVE-2026-46040
In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...
PT-2026-43916
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA ctxfi component where the spdif passthru playback get resources function uses atc-pll rate as the Reference Sample Rate RSR for the Master Sample Rate MSR...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: EROFs: Avoid linking hooked chains to prevent loops in deduplicated compressed images. After subjecting EROFS to heavy stress using several images that included a handcrafted image with repeated patterns for over 46 days, I...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevents underflow of lockedvm via exec When a vfio container is preserved during execution, the task does not change. Instead, a new memory page is allocated with lockedvm=0, and the counter from existing DMA mapping...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path occurs before igetfailed in btrfsreadlocked inode. In btrfsreadlocked inode, if we fail to look up the inode, we jump to the ‘out’ label with a path that has a read-locked leaf. Then, we call igetfailed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fixed the issue of “not skipping locked entries when scanning entries”. The commit 6be3e21d25ca “fs/dax: not skipping locked entries when scanning entries” introduced a new function, waitentryunlockedexclusive, which wait...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed the unconditional use of the securitylockeddown function. Currently, the lockdown state is queried unconditionally, even though its result is only used if the PERFSAMPLEREGSINTR bit is set in attr.sampletype. Whi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path was called before initializing the extent tree in btrfsreadlocked inode. In btrfsreadlocked inode, we call btrfsinitfileextenttree while holding a lock on a read-locked leaf of the subvolume tree...
CLSA-2026-1779153000 golang: Fix of CVE-2026-32283
CVE-2026-32283: fix TLS 1.3 deadlock in crypto/tls handleKeyUpdate when a peer sends multiple key update messages requesting a response in a single record by adding a locked flag to setReadTrafficSecret so it calls sendAlertLocked instead of re-locking the connection mutex...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the API-level authorization process. An attacker can create issues or attach comments to a locked group by sending direct API requests as a member of multiple groups. Remediation Upgrade...
CVE-2026-6341
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...
CVE-2026-6341
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...
CVE-2026-6341
Mattermost advisories describe a vulnerability in Mattermost Plugins affecting versions