Lucene search
K

313 matches found

OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31571

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Unlink NV12 planes earlier unlinknv12plane will clobber parts of the plane state potentially already set up by planeatomiccheck, so we must make sure not to call the two in the wrong order. The problem happens when a...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.32 views

CVE-2026-31598 ocfs2: fix possible deadlock between unlink and dio_end_io_write

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dioendiowrite ocfs2unlink takes orphan dir inodelock first and then ipallocsem, while in ocfs2dioendiowrite, it acquires these locks in reverse order. This creates an ABBA lock...

7.5CVSS0.00435EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/24 2:42 p.m.6 views

EUVD-2026-25491

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dioendiowrite ocfs2unlink takes orphan dir inodelock first and then ipallocsem, while in ocfs2dioendiowrite, it acquires these locks in reverse order. This creates an ABBA lock...

5.4AI score0.00435EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:42 p.m.4 views

CVE-2026-31598

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dioendiowrite ocfs2unlink takes orphan dir inodelock first and then ipallocsem, while in ocfs2dioendiowrite, it acquires these locks in reverse order. This creates an ABBA lock...

7.5CVSS5.3AI score0.00435EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/04/24 2:42 p.m.16 views

CVE-2026-31598

Summary of CVE-2026-31598 (ocfs2 deadlock) : In the Linux kernel OCFS2, a potential deadlock arises from ABBA lock ordering between unlink and dio_end_io_write. The path in unlink acquires inode_lock (orphan_dir_inode) before ip_alloc_sem, while dio_end_io_write acquires ip_alloc_sem first, then ...

7.5CVSS5.4AI score0.00435EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.6 views

CVE-2026-31598

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dioendiowrite ocfs2unlink takes orphan dir inodelock first and then ipallocsem, while in ocfs2dioendiowrite, it acquires these locks in reverse order. This creates an ABBA lock...

7.5CVSS5.3AI score0.00435EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/04/24 2:35 p.m.3 views

CVE-2026-31571

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Unlink NV12 planes earlier unlinknv12plane will clobber parts of the plane state potentially already set up by planeatomiccheck, so we must make sure not to call the two in the wrong order. The problem happens when a...

5.5CVSS5.3AI score0.00121EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915: Unlink NV12 planes earlier unlinknv12plane will clobber parts of the plane state potentially already set up by planeatomiccheck, so we must make sure...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent lock order between the unlink operation of the ocfs2 file system and the dioendiowrite...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the ocfs2 module due to an ABBA lock ordering violation between the ocfs2 unlink and ocfs2 dio end io write functions. The ocfs2 unlink function acquires the orph...

9.8CVSS5.8AI score0.00514EPSS
Exploits0References321
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:8 p.m.5 views

CVE-2026-35355

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the OEXCL flag. A local attacker can exploit t...

6.3CVSS5.8AI score0.00117EPSS
Exploits1References3
NVD
NVD
added 2026/04/22 2:16 p.m.4 views

CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

7.8CVSS0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.6 views

PT-2026-34491

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the O EXCL flag. A local attacker can exploit...

6.3CVSS5.8AI score0.00117EPSS
Exploits1References3
NVD
NVD
added 2026/04/21 11:16 p.m.3 views

CVE-2026-41058

WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete fix for AVideo's CloneSite deleteDump parameter does not apply path traversal filtering, allowing unlink of arbitrary files via ../../ sequences in the GET parameter. Commit...

8.1CVSS0.00469EPSS
Exploits1References4
CVE
CVE
added 2026/04/21 10:43 p.m.17 views

CVE-2026-41058

WWBN AVideo (open source video platform) is affected in versions 29.0 and below by an incomplete fix for a path-traversal issue in the CloneSite deleteDump parameter. The vulnerability allows an attacker to cause unlink() of arbitrary files via GET parameter ../../ sequences due to missing path-t...

8.1CVSS5.9AI score0.00469EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/20 9:31 p.m.8 views

EUVD-2026-23935

The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.5. This is due to two compounding flaws: the Members::update method does not validate or restrict the value of file-type custom profile fields, allowing authenticated users to store ...

8.1CVSS6.6AI score0.00593EPSS
Exploits0References6
NVD
NVD
added 2026/03/26 8:16 p.m.4 views

CVE-2026-33631

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ESEVENTTYPEAUTHOPEN events. Seven additional file...

8.7CVSS0.00101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/26 7:30 p.m.1 views

CVE-2026-33631 ClearanceKit: opfilter policy bypass via non-open file operations

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ESEVENTTYPEAUTHOPEN events. Seven additional file...

8.7CVSS5.9AI score0.00101EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 7:30 p.m.2 views

CVE-2026-33631

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ESEVENTTYPEAUTHOPEN events. Seven additional file...

8.7CVSS5.8AI score0.00101EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/03/26 8:5 a.m.3 views

netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

...

7.8CVSS5.8AI score0.00119EPSS
Exploits0
Rows per page
Query Builder