13 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000332 advisory. In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka...
RHEL 6 : emacs (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: command injection flaw within enriched mode handling (CVE-2017-14482) - emacs: command execution via...
CVE-2023-35845
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda i...
PT-2023-9267 · Rust +10 · Cargo +10
Name of the Vulnerable Software and Affected Versions: Cargo versions prior to 0.72.2; Rust versions prior to 1.71.1. Description: The issue is related to the Cargo package manager for the Rust programming language, which ignores umask when extracting archives created in UNIX-like systems. This cou...
SUSE CVE-2017-1000383
GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file "ORIGINALFILENAME" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary...
SUSE CVE-2020-24394
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered...
kernel: umask not applied on filesystem without ACL support
A vulnerability was found in NFSv4.2 in the Linux kernel, where a server fails to correctly apply umask when creating a new object on a filesystem without ACL support, for example, ext4 with the "noacl" mount option. This flaw allows a local attacker with a user privilege to cause a kernel informati...
UBUNTU-CVE-2020-24394
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered...
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information...
PT-2020-6153 · Linux +7 · Linux Kernel +7
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.7.8. Description: The issue is related to insufficient permission assignment checks for a critical resource in the fs/nfsd/vfs.c component of the Linux kernel. This can allow an attacker to gain unauthorized...
DEBIAN-CVE-2018-14348
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information...
DEBIAN-CVE-2017-1000382
VIM version 8.0.1187 and other versions most likely ignores umask when creating a swap file "ORIGINALFILENAME.swp" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary...
UBUNTU-CVE-2017-1000383
GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file "ORIGINALFILENAME" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary...