378 matches found
EUVD-2013-7210
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414657)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414657 advisory. In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution...
EUVD-2024-23938
Malicious code in bioql PyPI...
EUVD-2021-28254
Malicious code in bioql PyPI...
EUVD-2024-31811
Malicious code in bioql PyPI...
EUVD-2023-54475
Malicious code in bioql PyPI...
af_unix: Fix null-ptr-deref in unix_stream_sendpage().
...
Linux Distros Unpatched Vulnerability : CVE-2022-50234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. Th...
SUSE CVE-2023-53204
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under spinlockunixgclock, but toomanyunixfds reads it locklessly. Let's annotate the write/read accesses to user-unixinflight. BUG: KCSAN: data-race in...
CVE-2022-50323
In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skbappendpagefrags skbappendpagefrags is used by afunix and udp sendpage implementation so far. In commit 326140063946 "tcp: TX zerocopy should not sense pfmemalloc status" we explained why ...
DEBIAN-CVE-2022-50323
In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skbappendpagefrags skbappendpagefrags is used by afunix and udp sendpage implementation so far. In commit 326140063946 "tcp: TX zerocopy should not sense pfmemalloc status" we explained why ...
DEBIAN-CVE-2022-50234
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...
CVE-2022-50234
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...
UBUNTU-CVE-2022-50234
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...
CVE-2022-50234 io_uring/af_unix: defer registered files gc to io_uring release
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...
CVE-2022-50234 io_uring/af_unix: defer registered files gc to io_uring release
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...
CVE-2022-50234
CVE-2022-50234 concerns the Linux kernel’s io_uring/af_unix subsystem. The vulnerability arises from deferring the garbage-collection of registered files to the io_uring release path rather than performing it via unix_gc(), coupled with using these registered files for cycle-detection without act...
Linux Distros Unpatched Vulnerability : CVE-2022-48970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: Get userns from inskb in unixdiaggetexact. Wei Chen reported a NULL deref in skusern...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on deviceshutdown CVE-2025-38064 In the Linux kernel, the following vulnerability has been resolved: netfs: Fix oops in write-retry from mis-resetting the subreq iterator...
AZL-72781 CVE-2025-38236 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: afunix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unixstreamreadgeneric. The following sequences reproduce the issue: $ python3 from socket import s1, s2 = socketpairAFUNIX, SOCKSTREAM...