1600 matches found
USN-8490-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-2 linux-realtime, linux-realtime-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-1 linux, linux-aws, linux-aws-6.17, linux-gcp, linux-gcp-6.17, linux-oracle, linux-oracle-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...
USN-8546-1 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1 linux-hwe-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
CVE-2026-10669
Summary (CVE-2026-10669) : On Xtensa SoCs with CONFIG_XTENSA_MPU and CONFIG_USERSPACE, arch_buffer_validate() erroneously permits access when the buffer size rounds to a wrap of the 32-bit address space, bypassing MPU checks. This can let an unprivileged user-thread validate or copy memory it sho...
FTP Fetch, Linux Reboot
Fetch and execute an RISC-V 64-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options This module requires Metasploit:...
FTP Fetch, Linux Reboot
Fetch and execute an RISC-V 32-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options...
USN-8508-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
USN-8508-1 linux-nvidia-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
CVE-2026-14629 RT-Thread Parameter lwp_syscall.c sys_ioctl divide by zero
A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...
CVE-2026-14629 RT-Thread Parameter lwp_syscall.c sys_ioctl divide by zero
A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...
CVE-2026-14629
RT-Thread up to 5.2.2 contains a vulnerability in the Parameter Handler’s lwp_syscall.c, affecting the read/write/sys_ioctl functions. The root cause is a divide-by-zero condition, exploitable remotely. The exploit has been published, and a patch is pending acceptance via a pull request. No remed...
CVE-2026-14607
A weakness has been identified in RT-Thread up to 5.0.2. This affects the function sysgetaddrinfo of the file components/lwp/lwpsyscall.c. Executing a manipulation of the argument aiaddr can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to...
USN-8491-1 linux-oem-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...
USN-8491-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...
kernel: cachestat: fix page cache statistics permission checking
In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...