19 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: Do not dereference the syscall arguments when checking the openat2 openhow::flags. According to Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can lead to an oops/page-fault...
UBUNTU-CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
OCI layer symlink escape → arbitrary host write
Affected versions of boxlite extract OCI image layer tarballs without fully containing path resolution to the extraction root. A crafted layer containing a symlink whose target is an absolute on-host path e.g. escape - /tmp followed by a file entry that resolves through that symlink e.g...
Oracle Linux 9 : tar (ELSA-2026-0067)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0067 advisory. 2:1.34-9 - Fix the last patch to solve a regression with -x and --xattrs: RHEL-136277 also, fix another tiny mistake in the patch w/o visible consequences...
tar security update
2:1.34-9 - Fix the last patch to solve a regression with -x and --xattrs: RHEL-136277 also, fix another tiny mistake in the patch w/o visible consequences 2:1.34-8 - Backport upstream changes to jailify extraction directory Includes related gnulib changes to add openat2 Fixes CVE-2025-45582...
Oracle Linux 10 : tar (ELSA-2026-0002)
The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0002 advisory. 2:1.35-9 - Fix a tiny mistake in the last patch affecting hardling extraction w/o visible consequences 2:1.35-8 - Backport upstream changes to jailify extracti...
SUSE CVE-2022-48832
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
CVE-2022-48832
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
DEBIAN-CVE-2022-48832
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
CVE-2022-48832
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
UBUNTU-CVE-2022-48832
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
CVE-2022-48832 audit: don't deref the syscall args when checking the openat2 open_how::flags
In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...
CVE-2022-48832
In CVE-2022-48832, the Linux kernel audit subsystem was fixed to prevent dereferencing the openat2 open_how.args in audit_match_perm(), which could cause an oops/page-fault. The root cause was unsafe access to syscall arguments when checking permissions, leading to potential instability. The reso...
PT-2024-11810 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from dereferencing the openat2 syscall argument in audit match perm to obtain the open how::flags, which can result in an oops/page-fault. This is resolved by using th...
CVE-2023-52793
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-52793
CVE-2023-52793 is rejected by its CVE Numbering Authority and does not represent an active vulnerability entry.
CVE-2023-52793
Removed by vendor...
Exploit for File Descriptor Leak in Linuxfoundation Runc
PoC of CVE-2024-21626 Read my full article for detailed explan...
GSD-2022-1000483 audit: don't deref the syscall args when checking the openat2 open_how::flags
audit: don't deref the syscall args when checking the openat2 openhow::flags This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...