Lucene search
K

195 matches found

SUSE CVE
SUSE CVE
added 2025/04/18 11:21 p.m.12 views

SUSE CVE-2024-58095

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon call Added a read-only check before calling txBeginAnon in extAlloc and extRecord. This prevents modification attempts on a read-only mounted filesystem, avoiding potential errors or...

5.5CVSS7.7AI score0.00148EPSS
Exploits0References16
NVD
NVD
added 2025/03/27 5:15 p.m.14 views

CVE-2023-52979

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
OSV
OSV
added 2025/03/05 11:2 a.m.15 views

USN-7323-1 linux-aws, linux-gcp, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7AI score0.00271EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2024/12/29 2:25 p.m.9 views

CVE-2024-53176

In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process cifskillsb calling closeallcacheddirs can race with various cached directory operations, which ultimately results in dentries not being...

5.5CVSS6.8AI score0.00218EPSS
Exploits0References4
Amazon
Amazon
added 2024/12/19 12:0 a.m.5 views

Important: flatpak

Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...

10CVSS6.6AI score0.01283EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: ext4: fix corruption during on-line resize

A vulnerability was found in the ext4 filesystem in the Linux kernel during on-line resizing operations. When an ext4 filesystem is resized while mounted, it could lead to data corruption...

5.5CVSS7.2AI score0.00269EPSS
Exploits0References5
Amazon
Amazon
added 2024/10/31 12:0 a.m.3 views

Important: flatpak

Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...

10CVSS6.5AI score0.01283EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2024/08/21 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-2640

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks...

7.8CVSS6.6AI score0.15783EPSS
Exploits12References1
OSV
OSV
added 2024/08/17 9:24 a.m.15 views

CVE-2024-43857 f2fs: fix null reference error when checking end of zone

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by isendzoneblkaddr that checks the last block of a zone when f2fs is mounted as a single device...

5.5CVSS6.1AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.3 views

kernel: ext4: fix corruption during on-line resize

A vulnerability was found in the ext4 filesystem in the Linux kernel during on-line resizing operations. When an ext4 filesystem is resized while mounted, it could lead to data corruption...

5.5CVSS7.2AI score0.00269EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.4 views

kernel: ext4: fix corruption during on-line resize

A vulnerability was found in the ext4 filesystem in the Linux kernel during on-line resizing operations. When an ext4 filesystem is resized while mounted, it could lead to data corruption...

5.5CVSS7.2AI score0.00269EPSS
Exploits0References5
OSV
OSV
added 2024/03/25 11:58 p.m.15 views

USN-6701-3 linux-aws-hwe, linux-azure, linux-azure-4.15, linux-oracle vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS6.9AI score0.28058EPSS
Exploits18References13
Krebs on Security
Krebs on Security
added 2024/01/19 3:34 p.m.28 views

Canadian Man Stuck in Triangle of E-Commerce Fraud

A Canadian man who says hes been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve "triangulation fraud," which occurs when a consumer purchases something online -- from a seller on Amazon or eBay, for example -- but the seller...

6.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/07/06 5:15 p.m.23 views

CVE-2023-37454

An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udfputsuper and udfcloselvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this...

5.5CVSS6.7AI score0.00361EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/06/23 12:0 a.m.3 views

PT-2025-49496

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the JFS filesystem within the Linux kernel. Specifically, a missing check for a read-only mounted filesystem in the txBegin function could lead to a NULL pointer...

6CVSS6.8AI score0.00171EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/05/31 8:15 p.m.176 views

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2023/04/10 1:37 p.m.10 views

kernel: FUSE filesystem low-privileged user privileges escalation

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...

7.8CVSS6.7AI score0.0788EPSS
Exploits14References6
CNNVD
CNNVD
added 2023/03/30 12:0 a.m.4 views

HashiCorp Vault 安全漏洞

HashiCorp Vault is a private key access management tool from the US-based HashiCorp. A security vulnerability exists in HashiCorp Vault versions prior to 1.13.1, prior to 1.12.5, and prior to 1.11.9, which originates from a mounted issuer endpoint that can delete an issuer or modify issuer...

6.5CVSS6AI score0.00332EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-1743

suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...

4.4CVSS7AI score0.00703EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.4 views

SUSE CVE-2018-10840

Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4xattrsetentry function. An attacker could exploit this by operating on a mounted crafted ext4 image...

7.2CVSS7.1AI score0.0067EPSS
Exploits1References4
Rows per page
Query Builder