416 matches found
SUSE CVE-2005-2492
The rawsendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service change hardware state or read from arbitrary memory via crafted input...
SUSE CVE-2008-5300
Linux kernel 2.6.28 allows local users to cause a denial of service "soft lockup" and process loss via a large number of sendmsg function calls, which does not block during AFUNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029...
SUSE CVE-2010-3848
Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures...
SUSE CVE-2010-3849
The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service NULL pointer dereference and OOPS via a sendmsg call that specifies a NULL value for the remote address field...
SUSE CVE-2010-3904
The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...
SUSE CVE-2010-4160
Multiple integer overflows in the 1 pppol2tpsendmsg function in net/l2tp/l2tpppp.c, and the 2 l2tpipsendmsg function in net/l2tp/l2tpip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service heap memory corruption and pani...
SUSE CVE-2011-1173
The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...
SUSE CVE-2013-2224
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
SUSE CVE-2013-3237
The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
SUSE CVE-2014-3636
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to 1 cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors or 2 cause a denial of service disconnect via multiple messages that combine to have...
SUSE CVE-2015-7990
Race condition in the rdssendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerabili...
SUSE CVE-2016-3841
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...
SUSE CVE-2016-9806
Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation...
SUSE CVE-2019-8956
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctpsendmsg" function net/sctp/socket.c when handling SCTPSENDALL flag can be exploited to corrupt memory...
SUSE CVE-2021-3640
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
PT-2025-37659
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a process waiting for an rxrpc call could be interrupted, leading to subsequent sendmsg calls failing with an EBUSY error until an assignment is...
The vulnerability of the CServer::SendMsg function (engine/server/server.cpp) in the teeworlds operating system for Linux allows a hacker to cause a service failure.
The vulnerability of the CServer::SendMsg function located in engine/server/server.cpp of the teeworlds package on Linux operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
kernel: use-after-free vulnerability in function sco_sock_sendmsg()
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
PT-2022-35542 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.141 through 5.10.149 Description: A potential security issue exists due to the handling of zero-sized raw sendmsg in the net/ieee802154 module. The actual impact and attack plausibility have not yet been proven...
PT-2022-35347 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.15.65 through 5.15.74 Description: A potential security issue exists due to the handling of zero-sized raw sendmsg in the net/ieee802154 module. The actual impact and attack plausibility have not yet been proven...