68 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iouring: A filename leak was addressed in ioopenatprep. The ioopenatprep function allocates a struct filename using getname. However, if the file is installed in the fixed file table and the OCLOEXEC flag is set, the function...
CVE-2026-54056
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...
UBUNTU-CVE-2026-54056
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...
EUVD-2026-36578
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...
CVE-2026-49128
Music Player Daemon MPD before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk path is constructed by joining the storage root with a user-supplied URI as plain strings without...
CVE-2026-37531
AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability CWE-22 combined with a TOCTOU race condition CWE-367 in the widget installation flow. The isvalidfilename function in wgtpkg-zip.c validates ZIP entry names but does not check for dot notation directory traversal...
io_uring: fix filename leak in __io_openat_prep()
...
SUSE CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002315 advisory. Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or...
CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
AZL-74381 CVE-2025-68814 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
UBUNTU-CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
CVE-2025-68814 io_uring: fix filename leak in __io_openat_prep()
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
CVE-2025-68814 io_uring: fix filename leak in __io_openat_prep()
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...
Linux Distros Unpatched Vulnerability : CVE-2025-68814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using...
PT-2026-2546
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the io openat prep function due to improper cleanup of a struct filename when a file is installed in the fixed file table with the O CLOEXEC flag set. The functio...
CVE-2025-40287
An infinite loop vulnerability was found in the exFAT filesystem driver in the Linux kernel. The exfatfind function does not validate if dentry.stream.validsize is negative. A malformed exFAT filesystem with such entries causes the kernel to hang during file operations like open, truncate, or wri...