CVE-2026-31611

CVE-2026-31611 affects the Linux kernel's ksmbd path. The flaw occurs in parse_dacl() when comparing ACE SIDs to sid_unix_NFS_mode and subsequently reading sid.sub_auth[2] as the file mode. If the SID has only two sub-authorities, an ACE placed at the end of the ACL can cause sid.sub_auth[2] to r...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007332 advisory. A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number o...

EUVD-2022-15618

Malicious code in bioql PyPI...

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.

...

CVE-2024-52793 XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems

The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, http/file-server's serveDir with showDirListing: true option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file names...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call CVE-2021-4440 In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu CVE-2021-47402 A flaw was found in the...

Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. 'Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

RHEL 9 : kernel-rt (RHSA-2024:1303)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1303 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...

SUSE CVE-2010-1148

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

CVE-2022-0480

A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...

DEBIAN-CVE-2022-0480

A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...

CVE-2022-0480

A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...

CVE-2022-0480

A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...

CVE-2022-0480

A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks. Mitigation Mitigation for this issue is either not available or the currentl...

AZL-7195 CVE-2021-29157 affecting package dovecot for versions less than 2.3.20-1

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

glusterfs: remote denial of service of gluster volumes via posix_get_file_contents function in posix-helpers.c

It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

Design/Logic Flaw

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

Null pointer dereference

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...