393 matches found
SUSE CVE-2023-54077
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
EUVD-2022-55822
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2023-54077
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
CVE-2022-50739
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2022-50739
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2023-54077
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
UBUNTU-CVE-2022-50739
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2022-50739 fs/ntfs3: Add null pointer check for inode operations
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...
CVE-2023-54077 fs/ntfs3: Fix memory leak if ntfs_read_mft failed
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
CVE-2023-54077
The CVE-2023-54077 issue affects the Linux kernel ntfs3 code path (fs/ntfs3) where a memory leak can occur in ntfs_read_mft due to inconsistent handling of is_root and NI_FLAG_DIR. Specifically, Label ATTR_ROOT can set is_root without NI_FLAG_DIR, causing allocation of ni->dir.alloc_run to lea...
CVE-2023-54077 fs/ntfs3: Fix memory leak if ntfs_read_mft failed
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
PT-2025-53154
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ntfs3 filesystem when the ntfs read mft function fails under specific conditions. The issue arises from inconsistencies in setting flags...
Fortra GoAnywhere MFT 7.x Vulnerability Scanner
Fortra GoAnywhere MFT version7.x vulnerability scanner that looks for systems with a deserialization vulnerability using remote fingerprinting of the system. It does not perform exploitation...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991119)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991119 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series ntfs: fix bugs about Attribute, v2. This...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991152)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991152 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTRRECORDs Kernel iterates over ATTRRECORDs in mft record in...
CVE-2025-8148
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...
CVE-2025-8148
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...
CVE-2025-8148 CVE-2025-8148 Improper Access Control in SFTP service of GoAnywhere MFT
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...
PT-2025-49314
Name of the Vulnerable Software and Affected Versions GoAnywhere MFT versions prior to 7.9.0 Description An improper access control exists in the SFTP service. This affects web users who have an authentication alias and a valid SSH key, but are limited to password authentication for SFTP. These...
CVE-2025-53896
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0...