Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for a use-after-free in ext4renamedirprepare. We encountered the following issue: EXT4-fs loop0: Mounted a filesystem without a journal. Options: , errors=continue. ext4getfirstdirblock: bh-bdata=0xffff88810bee6000,...

7.8CVSS5.5AI score0.00281EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/11 5:10 p.m.7 views

Directory Traversal

Overview @hapi/inert is a Static file and directory handlers plugin for hapi.js Affected versions of this package are vulnerable to Directory Traversal via the confine option. An unauthenticated remote attacker can access files outside the intended directory by crafting requests that exploit...

8.2CVSS6.3AI score0.00062EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/11 5:10 p.m.9 views

@hapi/inert has a static-file confinement bypass via sibling-prefix path

Impact @hapi/inert serves static files from a directory configured with path in the directory / file handlers or relativeTo for h.file, with confinement enforced by the confine option default true. Before the patch, the confinement check compared the resolved absolute path against the confine...

5.6AI score0.00062EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/06 5:25 p.m.10 views

CVE-2025-71292

A flaw was found in the Linux kernel's Journaled File System JFS. This vulnerability occurs when a directory's link count nlink reaches its maximum value and a rename operation is performed on a child directory. This can cause the link count to wrap around, leading to an nlink overflow. The...

5.5CVSS6AI score0.00128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002340 advisory. The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to...

6.9CVSS7AI score0.01246EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986383 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4renamedirprepare We got issue as follows: EXT4-fs loop0: mounted...

7.8CVSS6.1AI score0.00281EPSS
Exploits0References4
OSV
OSV
added 2025/07/25 1:15 p.m.5 views

DEBIAN-CVE-2025-38365

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if it happens and we crash/power fail before the rename completes, the next time the filesystem is mounted,...

4.7CVSS5.4AI score0.00114EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/27 3:8 a.m.3 views

SUSE CVE-2022-49349

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4renamedirprepare We got issue as follows: EXT4-fs loop0: mounted filesystem without journal. Opts: ,errors=continue ext4getfirstdirblock: bh-bdata=0xffff88810bee6000 len=34478 ext4getfirstdirblock:...

5.5CVSS7.6AI score0.00281EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ext4renamedirprepare not handling parent directory entries correctly, which could lead to reuse after releas...

7.8CVSS5.5AI score0.00281EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.2 views

kernel: ext4: fix use-after-free in ext4_rename_dir_prepare

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4renamedirprepare We got issue as follows: EXT4-fs loop0: mounted filesystem without journal. Opts: ,errors=continue ext4getfirstdirblock: bh-bdata=0xffff88810bee6000 len=34478 ext4getfirstdirblock:...

7.8CVSS6.3AI score0.00281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/08/12 12:0 a.m.4 views

PT-2021-22240 · Rengine · Rengine

Name of the Vulnerable Software and Affected Versions: reNgine versions 0.5 and earlier Description: The issue is related to reNgine relying on a predictable directory name. Recommendations: For versions 0.5 and earlier, consider renaming or randomizing directory names to mitigate the risk of...

9.8CVSS9.1AI score0.01202EPSS
Exploits0References5
Rows per page
Query Builder