Lucene search
K

329 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-299 BoxLite: Permission Bypass Allows Modification of Read-Only Files

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...

10CVSS6.2AI score0.00289EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/10 10:20 p.m.10 views

CVE-2026-46695 BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files

Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directo...

10CVSS5.6AI score0.00289EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 10:20 p.m.3 views

CVE-2026-46695 BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files

Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directo...

10CVSS6AI score0.00289EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:9 a.m.11 views

eventfs: Hold eventfs_mutex and SRCU when remount walks events

...

5.5CVSS5.4AI score0.00122EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:17 a.m.13 views

SUSE CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

4.1CVSS5.7AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 eventfs: Update all the eventfsinodes from the events descriptor had...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:35 p.m.13 views

CVE-2026-46106

A flaw was found in the Linux kernel's eventfs component. This vulnerability allows a local attacker to trigger a race condition during remount operations. By exploiting insufficient locking mechanisms when processing event descriptors, an attacker can cause memory corruption, leading to a denial...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 12:30 p.m.11 views

EUVD-2026-32865

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.7AI score0.00122EPSS
Exploits0References6
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.5CVSS0.00122EPSS
Exploits0References5
OSV
OSV
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.36 views

CVE-2026-46106 eventfs: Hold eventfs_mutex and SRCU when remount walks events

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

0.00122EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.10 views

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
CVE
CVE
added 2026/05/28 9:35 a.m.28 views

CVE-2026-46106

CVE-2026-46106 concerns the Linux kernel eventfs remount race. The root cause is a race where eventfs_inodes are traversed while remounts are performed, due to mixing rcu_read_lock usage with SRCU and not holding eventfs_mutex during the critical walk. The fix (commit 340f0c7067a9) updates the ev...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/28 9:35 a.m.1 views

CVE-2026-46106 eventfs: Hold eventfs_mutex and SRCU when remount walks events

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.21 views

PT-2026-44229

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the eventfs component where the system fails to properly hold the eventfs mutex and SRCU Sleepable Read-Copy Update during remount operations that walk events...

9.8CVSS5.8AI score0.03663EPSS
Exploits15References281
OSV
OSV
added 2026/05/21 9:52 p.m.15 views

GHSA-G6WW-W5J2-R7X3 BoxLite: Permission Bypass Allows Modification of Read-Only Files

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...

10CVSS6.3AI score0.00289EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/21 9:52 p.m.20 views

BoxLite: Permission Bypass Allows Modification of Read-Only Files

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode readonly=True into the V...

10CVSS6.2AI score0.00289EPSS
Exploits0References6Affected Software4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix to correctly check the readonly condition. In the following case, it is possible to mount a multi-device image with the rw option. However, if one of the secondary devices is set as ro, subsequent updates will cause a...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In ext4, the work related to queued discard operations is always drained in ext4mbrelease. While reviewing the recent ext4 patch1, Sashiko raised the following concern2: If the file system is initially mounted with the discard...

5.5CVSS6.2AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: The online repair mechanism for corrupted directories has been removed. The syzbot reports the following f2fs bug: Kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevict inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call trace:...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder