36 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Timekeeping: The leap state of the auxiliary timekeeper must be adjusted to the correct value. When the doajdtimex function was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When this...
SUSE CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
UBUNTU-CVE-2026-23106
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
EUVD-2026-5435
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
CVE-2026-23106
CVE-2026-23106 concerns the Linux kernel timekeeping subsystem. The root cause is in __do_adjtimex(), which incorrectly references the core timekeeper’s tk_core when adjusting leap second state for an auxiliary timekeeper. This leads to a seqlock protocol violation where the timekeepers sequence ...
CVE-2026-23106 timekeeping: Adjust the leap state for the correct auxiliary timekeeper
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
CVE-2026-23106 timekeeping: Adjust the leap state for the correct auxiliary timekeeper
In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...
Linux Distros Unpatched Vulnerability : CVE-2026-23106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001174 advisory. The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003367)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003367 advisory. The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...
EUVD-2018-3537
Malware in sbrugna...
Configure Audit Rules for Time Changes
The system time is essential for the normal running of services. The system time can be changed through synchronization with the time server and manual operations of administrators. The latter is prone to attacks because attackers can change the system time to invalidate some protection policies...
SUSE CVE-2018-11508
The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex...
Linux Kernel 4.13 compat_get_timex() Kernel Pointer Leak
define GNUSOURCE define BSDSOURCE include include include include include include include include include include include include include include include include include include // Ubuntu 4.13.0-16-generic // gcc -o poc poc.c -m32 struct timex time; int mainint argc, char argv int r; unsigned lon...
Ubuntu 18.04 LTS : Linux kernel regression (USN-3718-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3718-1 advisory. USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient ear...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3695-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3695-1 advisory. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker...
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3695-2)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3695-2 advisory. USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu 17.10 : linux, linux-raspi2 vulnerabilities (USN-3697-1)
It was discovered that a NULL pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...