40 matches found
ALPINE-CVE-2026-21716
An incomplete fix for CVE-2024-36137 leaves FileHandle.chmod and FileHandle.chown in the promises API without the required permission checks, while their callback-based equivalents fs.fchmod, fs.fchown were correctly patched. As a result, code running under --permission with restricted...
Security update 5.0.7 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization and update golang-github-boynux-squidexporter: Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes jscPED-14971: Added compatibility for Squid 6...
SUSE-SU-2026:0628-1 Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-boynux-squidexporter: - Update to version 1.13.0 jscPED-14971 - Add support for squid-internal-mgr path for metrics. - Update to version...
Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-boynux-squidexporter: Update to version 1.13.0 jscPED-14971 Add support for squid-internal-mgr path for metrics. Update to version 1.12.0 Add...
EUVD-2002-1113
Malware in sbrugna...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...
DEBIAN-CVE-2024-45025
In the Linux kernel, the following vulnerability has been resolved: fix bitmap corruption on closerange with CLOSERANGEUNSHARE copyfdbitmapsnew, old, count is expected to copy the first count/BITSPERLONG bits from old-fullfdsbits and fill the rest with zeroes. What it does is copying enough words...
CVE-2024-7734 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers...
PT-2023-22809 · Unknown · Cloud Hypervisor
Name of the Vulnerable Software and Affected Versions: Cloud Hypervisor versions 30.0 through 31.0 Description: This issue allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP requests through the HTTP API socket, potentially causing...
SUSE CVE-2008-0947
Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 krb5 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors...
SUSE CVE-2013-0288
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer...
Linux kernel UNIX Sockets In-Flight FD Limit Security Bypass Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a program's failure to properly count file descriptors passed over UNIX domain sockets. A local attacker...
PT-2015-6840 · Red Hat +1 · Libreport +2
Name of the Vulnerable Software and Affected Versions: libreport versions 2.0.7 through 2.6.3 Description: The issue allows remote attackers to obtain sensitive information via unspecified vectors related to the backtrace, cmdline, environ, open fds, maps, smaps, hostname, remote, ks.cfg, or...
UBUNTU-CVE-2012-6110
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor...
WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...
FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced: 2014-06-...
FreeBSD -- sendmail improper close-on-exec flag handling
Problem Description: There is a programming error in sendmail8 that prevented open file descriptors have close-on-exec properly set. Consequently a subprocess will be able to access all open files that the parent process have open. Impact: A local user who can execute their own program for mail...
FreeBSD Ports: bip
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-0806
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...
CVE-2012-0806
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...