416 matches found
PT-2022-35098 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue concerns a potential security vulnerability in the Linux Kernel. It is related to the rejection of zero-sized raw sendmsg in the net/ieee802154 module. The actual impact and attack...
kernel: use-after-free vulnerability in function sco_sock_sendmsg()
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
GSD-2022-1005742 rxrpc: Fix locking in rxrpc's sendmsg
rxrpc: Fix locking in rxrpc's sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.140 by commit...
PT-2022-34000 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.15 through 5.10.139 Description: The issue concerns a locking problem in the rxrpc's sendmsg function. The actual impact and potential for attack have not been proven yet. Recommendations: For Linux Kernel versions 4.1...
GSD-2022-1005442 rxrpc: Fix locking in rxrpc's sendmsg
rxrpc: Fix locking in rxrpc's sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.64 by commit 2bc769b8edb158be7379d15f36e23d66cf85005...
GSD-2022-1005036 rxrpc: Fix locking in rxrpc's sendmsg
rxrpc: Fix locking in rxrpc's sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit 091dc91e119fdd61432347231724f4e861c6b465...
PT-2022-33700 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue concerns a locking problem in rxrpc's sendmsg. The actual impact and potential for attack have not been proven yet. Recommendations: For Linux Kernel versions prior to v5.15.64,...
PT-2022-33294 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.6 Description: The issue concerns a locking problem in rxrpc's sendmsg. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.19.6, upda...
kernel: tcp: fix page frag corruption on page fault
A vulnerability was found in the Linux kernel's TCP subsystem in the tcpsendmsglocked function, which can lead to page fragment corruption during a page fault, which occurs when a TCP stream experiences nested access to the task page fragment due to a page fault while handling memory-mapped...
GSD-2022-1002241 bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...
GSD-2022-1002079 bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...
GSD-2022-1001208 bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
kernel: tcp: fix page frag corruption on page fault
A vulnerability was found in the Linux kernel's TCP subsystem in the tcpsendmsglocked function, which can lead to page fragment corruption during a page fault, which occurs when a TCP stream experiences nested access to the task page fragment due to a page fault while handling memory-mapped...
GSD-2022-1000506 tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case
tcp: take care of mixed splice/sendmsgMSGZEROCOPY case This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...
UBUNTU-CVE-2021-3640
A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...
PT-2024-11298 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an uninitialized value in the caif seqpkt sendmsg function, which is defined in sys sendmsg. When nr segs equals zero in iovec from user, the object msg-msg...
CVE-2020-7460
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...
CVE-2020-7460
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...
Input validation
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...
CVE-2020-7460
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...