4 matches found
CVE-2023-52502
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfcllcpsockget and nfcllcpsockgetsn Sili Luo reported a race in nfcllcpsockget, leading to UAF. Getting a reference on the socket found in a lookup while holding a lock should happen before releasing the...
rpm security update
An update is available for rpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The RPM Package Manager RPM is a command-line driven package management system...
Queues allow non-Send types to be sent to other threads, allowing data races
Affected versions of this crate unconditionally implemented Send for types used in queue implementations InnerSend, InnerRecv, FutInnerSend, FutInnerRecv. This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior...
FreeBSD : gzip -- directory traversal and permission race vulnerabilities (63bd4bad-dffe-11d9-b875-0001020eed82)
Problem Description Two problems related to extraction of files exist in gzip : The first problem is that gzip does not properly sanitize filenames containing '/' when uncompressing files using the -N command line option. The second problem is that gzip does not set permissions on newly extracted...