35 matches found
EUVD-2018-6531
Malware in sbrugna...
EUVD-2021-13497
Malware in sbrugna...
CVE-2025-1290
A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...
CVE-2021-47024
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...
CVE-2021-47024 vsock/virtio: free queued packets when closing socket
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...
CVE-2021-47024
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...
K12915342: Linux kernel vulnerability CVE-2018-14625
Security Advisory Description A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AFVSOCK protocol to gather a 4 byte informatio...
Linux kernel 安全漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable to a security flaw that affects the function vsockconnect in the component IPsec's file net/vmwvsock/afvsock.c. This operation results in a memory leak. No detailed...
Updated kernel packages fix security vulnerability
This kernel update is based on upstream 5.10.14 and fixes at least the following security issues: A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.14 and fixes at least the following security issues: nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after-free that could be triggered by local attackers with access to the nbd device via an I/O...
Ubuntu: Security Advisory (USN-4727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4727-1: Linux kernel vulnerability
Alexander Popov discovered that multiple race conditions existed in the AFVSOCK implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...
Linux kernel local elevation of privilege vulnerability (CNVD-2021-10822)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A local elevation of privilege vulnerability exists in Linux kernel versions prior to 5.10.13. The vulnerability stem...
CVE-2021-26708
A flaw was found in the Linux kernel. Wrong locking in the AFVSOCK socket can cause a local privilege escalation, bypassing SMEP and SMAP. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-26708
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...
Race condition
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...
CVE-2021-26708
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...
CVE-2021-26708
CVE-2021-26708 describes a local privilege-escalation in the Linux kernel prior to 5.10.13 caused by race conditions in AF_VSOCK (net/vmw_vsock/af_vsock.c) related to wrong locking during VSOCK multi-transport changes. The vulnerability can be exploited via use-after-free primitives in the vsock_...
CVE-2021-26708
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...
CVE-2021-26708
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...