Lucene search
K

29 matches found

SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.22 views

SUSE CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS5.8AI score0.00127EPSS
Exploits1References118
NVD
NVD
added 2026/05/01 2:16 p.m.7 views

CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS0.00127EPSS
Exploits1References3
CVE
CVE
added 2026/05/01 1:53 p.m.41 views

CVE-2026-31694

Summary: CVE-2026-31694 fixes a Linux kernel FUSE directory-entry handling flaw. A malicious FUSE server could cause a 24-byte overflow by returning a dirent whose serialized size (based on namelen) exceeds a single PAGE_SIZE. The bug arises in fuse_add_dirent_to_cache(), which previously only ch...

7.8CVSS5.8AI score0.00127EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:53 p.m.10 views

CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS5.8AI score0.00127EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2026/05/01 1:53 p.m.2 views

CVE-2026-31694 fuse: reject oversized dirents in page cache

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS6AI score0.00127EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.10 views

PT-2026-36324

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.16-rc1 and later Description An out-of-bounds write issue exists in the fuse add dirent to cache function within the FUSE subsystem. The system calculates a serialized directory entry dirent size based on the...

7.8CVSS6.8AI score0.00127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.6 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47692)

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.2AI score0.01168EPSS
Exploits0References5
Debian
Debian
added 2025/10/13 2:45 p.m.7 views

[SECURITY] [DLA 4329-1] libfcgi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4329-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 13, 2025 https://wiki.debian.org/LTS -...

9.3CVSS7.2AI score0.00566EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-381973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381973 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in...

6.5CVSS6.4AI score0.01168EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/06/11 10:24 a.m.6 views

perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...

5.3CVSS5.9AI score0.00516EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.2 views

kernel: nfsd: return -EINVAL when namelen is 0

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.5AI score0.01168EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: returns -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that ha...

6.5CVSS6.3AI score0.01168EPSS
Exploits0References3
OSV
OSV
added 2025/01/10 12:15 p.m.2 views

DEBIAN-CVE-2025-23016

FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c...

9.3CVSS8.3AI score0.00566EPSS
Exploits0References1
Amazon
Amazon
added 2024/10/31 12:0 a.m.5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump...

9.1CVSS7AI score0.01367EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/10/21 3:47 p.m.3 views

SUSE CVE-2024-47692

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

5.5CVSS6.3AI score0.01168EPSS
Exploits0References19
OSV
OSV
added 2024/10/21 12:15 p.m.14 views

AZL-50939 CVE-2024-47692 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.7AI score0.01168EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.2 views

DEBIAN-CVE-2024-47692

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6AI score0.01168EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.13 views

AZL-50827 CVE-2024-47692 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.7AI score0.01168EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.9 views

UBUNTU-CVE-2024-47692

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.3AI score0.01168EPSS
Exploits0References43
Vulnrichment
Vulnrichment
added 2024/10/21 11:53 a.m.17 views

CVE-2024-47692 nfsd: return -EINVAL when namelen is 0

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.6AI score0.01168EPSS
Exploits0References8
Rows per page
Query Builder