ASB-A-396331793

In multiple functions of afvsock.c, there is a possible way to cause a use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Memory Leak

linux-aws is vulnerable to Memory Leak. The vulnerability available in linux kernal affects the 'function vsockconnect' within the 'net/vmwvsock/afvsock.c' file leading to memory leak...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2023-1345)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the...

CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/afvsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It ...

CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/afvsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It ...

CVE-2022-3629 Linux Kernel af_vsock.c vsock_connect memory leak

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/afvsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It ...

Updated kernel packages fix security vulnerability

This kernel update is based on upstream 5.10.14 and fixes at least the following security issues: A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c...

Race condition

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...

CVE-2021-26708

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support...

CVE-2013-3237

The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Design/Logic Flaw

The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3237

CVE-2013-3237 affects the Linux kernel’s vsock_stream_sendmsg in net/vmw_vsock/af_vsock.c, where a length variable is not initialized prior to use. This can allow local users to read sensitive data from kernel stack memory via crafted recvmsg/recvfrom syscalls. The issue is linked to the kernel v...