25 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting the ACL. A NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL later. It finds that the ACL is only a default ACL based on the mode bits, not the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The reference count leak in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed the acl memory leak in posixaclcreate When reviewing another nfs xfstests report, I found that errors related to acl and defaultACL in nfs3proccreate and nfs3procmknod might be leaked. These issues need to be...
CVE-2026-31710
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps, otherwise it might end up with missing...
SUSE CVE-2026-31432
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...
CVE-2026-31432
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...
PT-2026-34275
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in ksmbd when processing compound requests, such as READ combined with QUERY INFOSecurity. If the initial command consumes most of the response buffer, ksmb...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011320)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011320 advisory. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in...
CVE-2025-68803
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...
CVE-2025-68803 NFSD: NFSv4 file creation neglects setting ACL
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...
CVE-2025-68803
In CVE-2025-68803, the Linux kernel NFSD shows a flaw in NFSv4 file creation: when a client sets a named-ACL during creation, the ACL is not applied because nfsd_attrs_valid() ignores POSIX ACLs, causing nfsd_setattr() to be skipped. As a result, the ACL stored on the inode may be generated from ...
CVE-2025-68803
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the POSIX ACL attribute when creating a file, resulting in a failure to set the ACL...
Linux Distros Unpatched Vulnerability : CVE-2025-68803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named...
EUVD-2008-2660
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987054)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987054 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posixaclcreate When looking into another nfs xfstests report, I found...
Linux Distros Unpatched Vulnerability : CVE-2010-2199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deleti...
SUSE CVE-2022-49366
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...
SUSE CVE-2008-2665
Directory traversal vulnerability in the posixaccess function in PHP 5.2.6 and earlier allows remote attackers to bypass safemode restrictions via a .. dot dot in an http URL, which results in the URL being canonicalized to a local filename after the safemode check has successfully run...
SUSE CVE-2016-1575
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...