USN-6415-1 linux-oem-6.1 vulnerabilities

Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

SUSE CVE-2013-4312

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by sending each descriptor over a UNIX socket before closing it, related to net/unix/afunix.c and net/unix/garbage.c...

SUSE CVE-2014-0185

sapi/fpm/fpm/fpmunix.c in the FastCGI Process Manager FPM in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client...

SUSE CVE-2015-3164

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket...

SUSE CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...

SUSE CVE-2017-6542

The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...

SUSE CVE-2018-13441

qhhelp in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket...

SUSE CVE-2018-13458

qhcore in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket...

SUSE CVE-2018-13457

qhecho in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket...

SUSE CVE-2021-3468

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is...

SUSE CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

SUSE CVE-2022-21950

A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE...

SUSE CVE-2022-29178

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 100...

SUSE-SU-2023:0339-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059101 fixes one issue. The following security issue was fixed: - CVE-2022-2602: Fixed a local privilege escalation vulnerability involving Unix socket Garbage Collection and iouring bsc1205186...

SUSE-SU-2023:0281-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005963 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

SUSE-SU-2023:0245-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

SUSE-SU-2023:0237-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024134 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

Security Bulletin: Vulnerability in Node.js affects IBM Process Mining . CVE-2022-33987

Summary There is a vulnerability in Node.js that could allow a UNIX socket redirect, bypassing security restrictions . The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-33987 DESCRIPTION:...

Important: kernel

Issue Overview: A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highes...

device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...