Cisco Secure Email Gateway Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Secure Email Gateway is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Secure Email Gateway due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds,...

AZL-71396 CVE-2025-40248 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

UBUNTU-CVE-2025-40248

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

OESA-2025-1579 screen security update

Screen is a full-screen window manager that multiplexes a physical terminal between several processes,typically interactive shells. Security Fixes: For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.CVE-2025-46802 A minor information lea...

openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not...

OESA-2024-1781 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

OESA-2024-1782 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

Important: openssh

Issue Overview: A signal handler race condition was found in OpenSSH's server sshd, where a client does not authenticate within LoginGraceTime seconds 120 by default, 600 in old OpenSSH versions, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various...

SUSE CVE-2004-0794

Multiple signal handler race conditions in lukemftpd aka tnftpd before 20040810 allow remote authenticated attackers to cause a denial of service or execute arbitrary code...

SUSE CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...

Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer...

kernel: posix-cpu-timers: workaround to suppress the problems with mt exec

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...

kernel: posix-cpu-timers: workaround to suppress the problems with mt exec

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...

DEBIAN-CVE-2006-0058

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...

DEBIAN-CVE-2002-1563

stunnel 4.0.3 and earlier allows attackers to cause a denial of service crash via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter...

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (1)

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 1 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (2)

Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 2 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...

Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)

// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...