Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/05/18 4:37 p.m.20 views

shopper/framework: Race condition on Discount.usage_limit allows silent over-redemption

Impact CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's totaluse counter. Under concurrent checkout pressure Black Friday, flash sale, viral coupon, the global usagelimit was silently exceeded: orders were committed with the...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28622

In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a transaction join, which does not reserve any space, neither for the quota tree updates nor for the...

5.8AI score0.00114EPSS
Exploits0References5
OSV
OSV
added 2026/05/08 2:16 p.m.7 views

UBUNTU-CVE-2026-43338

In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a transaction join, which does not reserve any space, neither for the quota tree updates nor for the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References7
CVE
CVE
added 2026/05/08 1:31 p.m.21 views

CVE-2026-43338

CVE-2026-43338 affects the Linux kernel with the Btrfs filesystem. The issue arises because qgroup ioctls do not reserve transaction space, allowing -ENOSPC scenarios during quota-tree updates and delayed refs, which can abort transactions and enable a DoS condition. Vendors have published adviso...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/03/22 11:7 a.m.12 views

OESA-2024-1299 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs to copy the inline exten...

7.8CVSS6.6AI score0.00248EPSS
Exploits0References6
Rows per page
Query Builder