EUVD-2026-29870

Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that allows remote clients with directory creation permissions to trigger a heap out-of-bounds read and subsequent heap corruption by setting a crafted DACL with a malformed SID containing an inflated...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. A user with sufficient privileges can create a malformed ACL selector, which, when accessed, triggers a server panic and subsequent denial of service. This issue has been fixed in Redis 7.2.7 and 7.4.2...

CVE-2026-5745

Libarchive exposes a NULL pointer dereference in the ACL parser (archive_acl_from_text_nl) when processing malformed ACL strings, leading to DoS via a crash in applications using the libarchive API (e.g., bsdtar). Affected component: the ACL parsing logic in libarchive. Underlying cause: insuffic...

EUVD-2024-33419

Malicious code in bioql PyPI...

Security update for redis7

This update for redis7 fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

Redis 输入验证错误漏洞

Redis is an open source, ANSI C, network-enabled, memory-based, persistent logging, key-value Key-Value storage database from Redis, Inc. that provides APIs in multiple languages. An input validation error vulnerability exists in Redis version 7.0.0 and later. This vulnerability can be exploited ...

redis: Denial-of-service due to malformed ACL selectors in Redis

A flaw was found in Redis. This flaw allows an authenticated attacker with sufficient privileges to create a malformed ACL selector that triggers a server panic and subsequent denial of service when accessed...

DEBIAN-CVE-2024-10396

An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to...

Denial-of-service due to malformed ACL selectors in Redis

...

OpenAFS 安全漏洞

OpenAFS is an OpenAFS open source set of distributed file systems. It allows files and resources to be shared between systems over LANs and WANs. A security vulnerability exists in OpenAFS, which stems from the fact that an authenticated user can provide an incorrectly formatted ACL to a file...

SUSE CVE-2012-0038

Integer overflow in the xfsaclfromdisk function in fs/xfs/xfsacl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service panic via a filesystem with a malformed ACL, leading to a heap-based buffer overflow...