Astra Linux - уязвимость в webkit2gtk

In BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit, prior to version 2.34.1, there was a limited bypass of the sandbox mechanism. This allowed a sandboxed process to trick host processes into believing that the sandboxed process was not confined by the sandbox. This was achieved by exploiting...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vfs: Do not leak disconnected dentrys during umount When the user calls openbyhandleat on an inode that is not cached, we will create a disconnected dentry for it. If such a dentry is a directory, exportfsdecodefhraw will attempt...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

Updated gvfs packages fix security vulnerabilities

Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses. CVE-2026-28295 Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths. CVE-2026-28296...

SUSE-SU-2026:20988-1 Security update for gnome-online-accounts, gvfs

This update for gnome-online-accounts, gvfs fixes the following issues: Changes for gvfs: Update gvfs to 1.59.90: - CVE-2026-28295: information disclosure when processing untrusted PASV responses from FTP servers bsc1258953. - CVE-2026-28296: arbitrary FTP command injection due to unsanitized CRL...

DLA-4513-1 gvfs - security update

Bulletin has no description...

CVE-2026-30914

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

CVE-2026-30914 SFTPGo has a Path Traversal and Permission Bypass via Path Normalization Discrepancy

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy

Impact In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths to bypass folder-level permissions or escape the...

PT-2026-25354

Name of the Vulnerable Software and Affected Versions SFTPGo versions prior to 2.7.1 Description SFTPGo is an open-source, event-driven file transfer solution. A path normalization discrepancy exists between the protocol handlers and the internal Virtual Filesystem routing in versions prior to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005534 advisory. In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between eviceinodes and findinode&iput Hi, all Recently I noticed a bug1 in btrfs,...

CVE-2026-28295 Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

CVE-2025-48769 Apache NuttX RTOS: fs/vfs/fs_rename: use after free

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

CVE-2025-48769

CVE-2025-48769 affects Apache NuttX RTOS. The flaw is a Use-After-Free in the fs/vfs/fs_rename code caused by a recursive implementation reusing a single buffer across two pointers, enabling arbitrary user-provided buffer reallocations and writes to a freed heap chunk. In affected scenarios, this...

EUVD-2026-0010

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

PT-2025-54474

Name of the Vulnerable Software and Affected Versions Apache NuttX RTOS versions 7.20 through 12.10 Description A Use After Free issue was identified in the fs/vfs/fs rename code of the Apache NuttX RTOS. The issue stems from a recursive implementation and the use of a single buffer by two...

CVE-2025-40351

CVE-2025-40351: In the Linux kernel, the hfsplus code fix addresses a KMSAN uninit-value issue in hfsplus_delete_cat(), triggered during directory creation and mounting paths (as shown by the syzbot trace for hfsplus_subfolders_dec and related calls). The description indicates the issue being res...

EUVD-2025-36973

In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls openbyhandleat on some inode that is not cached, we will create disconnected dentry for it. If such dentry is a directory, exportfsdecodefhraw will then try to conne...