wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fixed a NULL pointer dereference issue when using TCP-AO with TCPREPAIR. A NULL pointer dereference can occur in the tcpaofinishconnect function during a connect system call on a socket that has a TCP-AO key added and...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

kernel: af_unix: Fix garbage collector racing against connect()

A flaw was found in the Linux kernel, where the management of inter-process communication uses AFUNIX sockets. The issue arises from a race condition where a partially initialized socket with specific permissions carrying SCMRIGHTS is improperly handled during garbage collection. This situation...

kernel: af_unix: Fix garbage collector racing against connect()

A flaw was found in the Linux kernel, where the management of inter-process communication uses AFUNIX sockets. The issue arises from a race condition where a partially initialized socket with specific permissions carrying SCMRIGHTS is improperly handled during garbage collection. This situation...

kernel: af_unix: Fix garbage collector racing against connect()

A flaw was found in the Linux kernel, where the management of inter-process communication uses AFUNIX sockets. The issue arises from a race condition where a partially initialized socket with specific permissions carrying SCMRIGHTS is improperly handled during garbage collection. This situation...

The vulnerability of TCP protocols in real-time operating systems like Wind River VxWorks allows attackers to execute arbitrary code.

The vulnerability of the TCP protocol in real-time operating systems like Wind River VxWorks stems from errors in the TCP Urgent Pointer during the “connect” operation when connecting to a remote host. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially...

kernel: CAN minor heap overflow

Heap-based buffer overflow in the bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service memory corruption via a connect operation...

CVE-2010-3874

Heap-based buffer overflow in the bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service memory corruption via a connect operation...

CVE-2010-3874

Heap-based buffer overflow in the bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service memory corruption via a connect operation...