22 matches found
CVE-2026-46078
erofs: fix the out-of-bounds nameoff handling for trailing dirents...
EUVD-2026-24975
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
uutils coreutils has an Unchecked Return Value Issue
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
GHSA-VG2R-RMGP-CGQJ Deno's --deny-write check does not prevent permission bypass
Summary: Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change the access (atime) and modification (mtime) times on the file stream resource even when the file is opened with read only permission...
EUVD-2022-25832
Malicious code in bioql PyPI...
CVE-2024-43705 GPU DDK - Security: Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwrite read-only file/memory (e.g. libc.so)
Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory...
Veeam Kasten GSB backups fail with the error "mkdir /tmp/kopia-log: read-only file system"
Challenge: The backup for workloads that use Generic Storage Backup (GSB) fails with the error: mkdir /tmp/kopia-log: read-only file system\r\nUnable to create logs directory: mkdir /tmp/kopia-log: read-only file system Cause: Veeam Kasten for Kubernetes's datamover needs write access to the /t...
CVE-2024-40943
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2_dio_wr_get_block", fstests/generic/300 become from always failed to sometimes failed:...
PT-2024-18089 · Unknown · Electrolink Fm/Dab/Tv Transmitter
Name of the Vulnerable Software and Affected Versions: Electrolink FM/DAB/TV Transmitter (affected versions not specified). Description: The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides ...
USN-6425-1 samba vulnerabilities
Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handl...
[SECURITY] Fedora 39 Update: erofs-utils-1.6-3.fc39
EROFS stands for Enhanced Read-Only File System. It aims to be a general read-only file system solution for various use cases instead of just focusing on saving storage space without considering runtime performance. This package includes tools to create, check, and extract EROFS images...
Fedora: Security Advisory for erofs-utils (FEDORA-2023-f838326992)
The remote host is missing an update for the...
[SECURITY] Fedora 38 Update: erofs-utils-1.6-3.fc38
EROFS stands for Enhanced Read-Only File System. It aims to be a general read-only file system solution for various use cases instead of just focusing on saving storage space without considering runtime performance. This package includes tools to create, check, and extract EROFS images...
Medium: containerd
Issue Overview: A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty Pipe POC CVE-2022-0847 POC - https://dirtypipe.cm4all.co...
Researchers Warn of Linux Kernel 'Dirty Pipe' Arbitrary File Overwrite Vulnerability
Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems. Dubbed "Dirty Pipe" (CVE-2022-0847),...
Denial Of Service (DoS)
struts2-core is vulnerable to denial of service (DoS). The vulnerability exists because an uploaded file, exposed through a getter on an Action, is set to read-only, causing subsequent actions on the file to give an error...
CentOS Update for nfs-utils CESA-2009:1321 centos5 i386
Check for the Version of nfs-utils...
kernel: ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal...
Low: Red Hat Security Advisory: nfs-utils security and bug fix update
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...