47 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: acct: performs the last write operation from the workqueue. In 1, it was reported that the acct2 system call can be used to trigger a NULL derefrence in cases where it is set to write to a file that triggers an internal lookup...
ROS-20260121-73-0017
A vulnerability in the acct component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
UBUNTU-CVE-2022-50749
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...
CVE-2022-50749 acct: fix potential integer overflow in encode_comp_t()
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...
CVE-2022-50749 acct: fix potential integer overflow in encode_comp_t()
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...
kernel: acct: perform last write from workqueue
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
EUVD-2004-0849
Malware in sbrugna...
EUVD-2025-6290
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 b...
SUSE CVE-2025-38639
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
AZL-73488 CVE-2025-38639 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
AZL-66617 CVE-2025-38639 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
CVE-2025-38639
CVE-2025-38639 is a Linux kernel vulnerability in netfilter xt_nfacct where the acct name is assumed to be null-terminated, enabling a slab-out-of-bounds read via KASAN in lib/vsprintf.c and related paths (nfacct_mt_checkentry/xt_check_match). The cited advisories indicate a local attacker could ...
CVE-2025-38639
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
CVE-2025-38639 netfilter: xt_nfacct: don't assume acct name is null-terminated
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from xtnfacct assuming that acct names end with a null character, which could lead to out-of-bounds reads...
Linux Distros Unpatched Vulnerability : CVE-2025-21846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nfctfindexpectation CVE-2023-52927 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key CVE-2024-53179 In the...
SUSE CVE-2025-21846
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
AZL-58532 CVE-2025-21846 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...