2021 matches found
kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...
ALSA-2026:21556 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
RHEL 9 : kernel (RHSA-2026:21556)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21556 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment ...
RHEL 9 : kernel (RHSA-2026:21209)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21209 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: arm64: The issue was fixed in the concurrently setting of insnemulation sysctls. The emulationprochandler function changes table-data for procdointvecminmax. However, it may cause an OOPs error if called concurrently with itself:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: Do not read mapcount for migration entries The syzbot reported the following bug: Kernel bug at include/linux/page-flags.h: 785 Invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1; PID: 4392; Comm: syz-executor560...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Firewire: ohci: prevents leakage of leftover IRQs when unbinding The commit 5a95f1ded28691e6 “Firewire: ohci: uses a devres for the requested IRQ” also removed the call to freeirq in pciremove. This resulted in a leftover IRQ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed another UAF in binderdevices. The commit e77aff5528a18 "binderfs: fixed a use-after-free in binderdevices" addressed a use-after-free where devices could be released without first being removed from the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free bug in cifsdebugdataprocShow Skipped SMB sessions that are being terminated e.g., @ses-sesstatus == SESEXITING in cifsdebugdataProcShow to avoid use-after-free issues with @ses. This fix...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: The issue of clearing the user buffer was fixed by properly using clearuser. To clear a user buffer, we cannot simply use memset; we must use clearuser. When using a virtio-mem device that registers a vmcorecb and ha...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: Fixed a regression issue related to the removal of the procfs host directory The commit fc663711b944 “scsi: core: Removed the /proc/scsi/$procname directory earlier” fixed a bug related to module loading/unloading...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed an error in ip6routenetexitlate During the initialization of ip6routenetinitlate, if the files ipv6route or rt6stats fail to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stat...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an error in ipvsappnetcleanup During the initialization of ipvsappnetinit, if the file ipvsapp fails to be created, the initialization will still succeed by default. Therefore, the ipvsapp file will not be found durin...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the newly added packettype by reading the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: Fixed a regression related to the removal of the procfs host directory. The scsiprochostdirrm function decreases a reference counter; therefore, it should only be called once per host that is removed. This change...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ipvs: fixed an error in ipvscleanupbatch. During the initialization of ipvsconnnetinit, if the files ipvsconn or ipvsconnsync fail to be created, the initialization is successful by default. Therefore, the ipvsconn or...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in rawgetnext. Dae R. Jeong reported a NULL dereference in rawgetnext. It seems that the reproduction test was running these sequences in parallel, so one thread was iterating over a socket that was...