33 matches found
PT-2026-51716
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the checkpoint/restore sysctl path where the ipc idr alloc function forwards requests to idr alloc with an open-ended upper bound. When the valid SysV IPC id space is...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
EUVD-2025-201186
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now...
SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:4081-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4081-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 -...
MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities
The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...
PT-2025-45373
Name of the Vulnerable Software and Affected Versions runc versions 1.0.0-rc3 through 1.2.7 runc versions 1.3.0-rc.1 through 1.3.2 runc versions 1.4.0-rc.1 through 1.4.0-rc.2 Description Insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside a container allow an attacker to tri...
EUVD-2011-3478
Malware in sbrugna...
EUVD-2005-4695
Malware in sbrugna...
CVE-2022-50502
...
EUVD-2025-25549
Malicious code in bioql PyPI...
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
...
Linux Distros Unpatched Vulnerability : CVE-2025-38003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the maximum length of cell names. The kafs filesystem limits the maximum length of a cell to 256 bytes. However, a problem arises when someone attempts to create a directory under /proc/net/afs/ with the name of a cell...
DEBIAN-CVE-2023-53118
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsiprochostdirrm decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsiaddhostwithdma change sinc...
kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().
In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...
AZL-59604 CVE-2025-21999 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
kernel: can: bcm: Fix UAF in bcm_proc_show()
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcmprocshow BUG: KASAN: slab-use-after-free in bcmprocshow+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 230 Hardwar...
kernel: scsi: core: Fix unremoved procfs host directory regression
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression The Linux kernel CVE team has assigned CVE-2024-26935 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26935-8b4e@gregkh/T...
SUSE CVE-2025-21646
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/afs/ with the name o...
procps buffer error vulnerability
procps is the procps-ng open source command line and full screen utility for browsing procfs. A security vulnerability exists in procps that stems from allowing a user with the right to run the procps program on a computer to write a virtually unlimited amount of unfiltered data to the process he...