seatd-launch -- remove files with escalated privileges with SUID

Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally generated socket path, and would unlink the socket path before use to guard against collision with leftover sockets. This meant that a caller could freely control what file path would be unlinked...

USN-5295-1: Linux kernel (HWE) vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...

USN-5294-1 linux vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...

SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:0436-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0436-1 advisory. - A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call...

SUSE-SU-2022:0436-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5940 fixes several issues. The following security issues were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195308. - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garba...

Important: kernel

Issue Overview: A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service...

Mageia: Security Advisory (MGASA-2020-0073)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0169-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0169-1 advisory. - A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users ca...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2022:0091-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0091-2 advisory. - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations...

Important: httpd24

Issue Overview: There's a null pointer dereference and server-side request forgery flaw in httpd's modproxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via...

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

DEBIAN-CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

Race condition

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

CVE-2021-4083

CVE-2021-4083 is a read-after-free in Linux kernel Unix domain socket GC triggered by a race between close() and fget(). Affected kernels are prior to 5.16-rc4. Local users could crash the system or escalate privileges. Affected products include upstream kernel and Linux distributions (Astra Linu...

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...

Debian DSA-5035-1 : apache2 - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5035 advisory. - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward...

OESA-2021-1473 httpd security update

Apache HTTP Server. Security Fixes: A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket...

OESA-2021-1469 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A read-after-free memory flaw was found in the Linux kernel s garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw...