4329 matches found
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
OESA-2025-1488 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an improper locking mechanism that can lead to deadlocks...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect use of the locking mechanism, which could lead to a race condition...
libsemanage bug fix update
An update is available for libsemanage. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsemanage library provides an API for the manipulation of SELinux...
SUSE CVE-2022-49931
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in scdisable Commit 13bac861952a "IB/hfi1: Fix abba locking issue with scdisable" incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21811)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21811 advisory. - In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with n...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-58071)
"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58071 advisory. - In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is...
PT-2025-22213
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue is possible in the Linux kernel due to insufficient checks on file reference counts. This occurs when one thread destroys a file while another thread holds a...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
firefox: thunderbird: Privilege escalation in Firefox Updater
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the...
CVE-2023-53137
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified an...
CVE-2023-53137
...
CVE-2023-53137
CVE-2023-53137 is present in connected advisories (e.g., MiracleLinux AXSA:2025-10933) with a concrete ext4 issue: "ext4: fix off-by-one error in do_split". The root cause is an off-by-one error in do_split that can lead to filesystem corruption; remediation involves applying the kernel fix for e...
CVE-2023-53109
CVE-2023-53109 : Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnels’ xmit paths and als...