448 matches found
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The vulnerability exists due to a read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1328)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1308)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege wi...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1292)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affect...
SUSE SLES12 Security Update : kernel (Live Patch 38 for SLE 12 SP3) (SUSE-SU-2022:0552-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0552-1 advisory. - A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way...
Ubuntu: Security Advisory (USN-5297-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:0552-1 Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94138 fixes several issues. The following security issues were fixed: - CVE-2021-4202: Fixed NFC race condition by adding NCIUNREG flag bsc1194533. - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket fi...
USN-5298-1: Linux kernel vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jürgen Groß discovered that the Xen subsystem...
USN-5294-2: Linux kernel vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...
USN-5297-1: Linux kernel (GKE) vulnerabilities
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service system crash or possibly...
USN-5295-2: Linux kernel vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5297-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5297-1 advisory. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certa...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5298-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5298-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacke...