Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting the ACL. A NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL later. It finds that the ACL is only a default ACL based on the mode bits, not the...

6.1AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The reference count leak in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing...

5.5CVSS5.9AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed the acl memory leak in posixaclcreate When reviewing another nfs xfstests report, I found that errors related to acl and defaultACL in nfs3proccreate and nfs3procmknod might be leaked. These issues need to be...

5.5CVSS5.9AI score0.00259EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 2:16 p.m.8 views

CVE-2026-31710

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps, otherwise it might end up with missing...

5.5CVSS0.001EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/23 1:26 a.m.17 views

SUSE CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS5.8AI score0.00507EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 9:16 a.m.7 views

CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS0.00507EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34275

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in ksmbd when processing compound requests, such as READ combined with QUERY INFOSecurity. If the initial command consumes most of the response buffer, ksmb...

8.8CVSS5.9AI score0.00507EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011320)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011320 advisory. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in...

5.5CVSS5.7AI score0.00245EPSS
Exploits0References4
NVD
NVD
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68803

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

0.00173EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/01/13 3:29 p.m.23 views

CVE-2025-68803 NFSD: NFSv4 file creation neglects setting ACL

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

0.00173EPSS
Exploits0References7
CVE
CVE
added 2026/01/13 3:29 p.m.17 views

CVE-2025-68803

In CVE-2025-68803, the Linux kernel NFSD shows a flaw in NFSv4 file creation: when a client sets a named-ACL during creation, the ACL is not applied because nfsd_attrs_valid() ignores POSIX ACLs, causing nfsd_setattr() to be skipped. As a result, the ACL stored on the inode may be generated from ...

6AI score0.00173EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:29 p.m.5 views

CVE-2025-68803

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

5.2AI score0.00173EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the POSIX ACL attribute when creating a file, resulting in a failure to set the ACL...

6.1AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-68803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named...

6.1AI score0.00173EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-2660

Malware in sbrugna...

5CVSS7.3AI score0.03377EPSS
Exploits4References19
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987054 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posixaclcreate When looking into another nfs xfstests report, I found...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2010-2199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deleti...

7.2CVSS7.2AI score0.00312EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/27 3:8 a.m.4 views

SUSE CVE-2022-49366

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.2 views

SUSE CVE-2008-2665

Directory traversal vulnerability in the posixaccess function in PHP 5.2.6 and earlier allows remote attackers to bypass safemode restrictions via a .. dot dot in an http URL, which results in the URL being canonicalized to a local filename after the safemode check has successfully run...

5CVSS6.8AI score0.03377EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.5 views

SUSE CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS8.6AI score0.00923EPSS
Exploits2References3
Rows per page
Query Builder