Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a race condition between mmput and doexit. Task A calls binderupdatepagerange to allocate and insert pages in a remote address space from Task B. To do this, Task A first pinches the remote memory region using...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992622 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE c...

UBUNTU-CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap In commit 720c24192404 "ANDROID: binder: change downwrite to downread" binder assumed the mmap read lock is sufficient to protect alloc-vma inside binderupdatepagerange. This used ...

EUVD-2022-55189

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-52609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of a race condition in binder that could lead to reuse of referenced proc pointers after release...

SUSE CVE-2024-56555

In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped to acquire the node-lock first lock nesting order. This can race...

DEBIAN-CVE-2024-56555

In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped to acquire the node-lock first lock nesting order. This can race...

PT-2024-36859 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0-07343-ga727812a8d45 Description: The issue arises from a race condition in the binder add freeze work function, where the iteration over proc-nodes can be disrupted by binder deferred release, leading to ...

OESA-2024-1649 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A...

SUSE CVE-2023-52609

In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...

UBUNTU-CVE-2023-52609

In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...

USN-5877-1 linux-gke-5.15 vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

SUSE CVE-2021-39686

In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

USN-5791-3 linux-azure-5.4, linux-azure-fde vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

USN-4912-1 linux-oem-5.6 vulnerabilities

Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-29154 It was...