Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF Use-After-Free issue caused by a race condition involving ref-proc. A transaction of type BINDERTYPEWEAKHANDLE may fail to increment the reference count of a node. In this case, the target proc normally releas...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-004802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004802 advisory. In bindervmaclose of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003876 advisory. In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003878)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003878 advisory. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000291)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000291 advisory. In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000425 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no...

CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-411363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411363 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually...

EUVD-2022-55512

Malicious code in bioql PyPI...

PT-2025-37494

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.150-00001-gdc8dcf942daa Description A use-after-free UAF vulnerability exists within the binder component of the Linux kernel. The vulnerability occurs due to a race condition between binder update page rang...

Linux Distros Unpatched Vulnerability : CVE-2022-49939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, th...

Linux Distros Unpatched Vulnerability : CVE-2023-52438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the...

Linux Distros Unpatched Vulnerability : CVE-2019-2215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this...

Linux Distros Unpatched Vulnerability : CVE-2019-2213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no...

CVE-2025-38176

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfsevictinode Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfsevictinode+0x1de/0x2d0 Write of...

SUSE CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

DEBIAN-CVE-2024-56556

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...

DEBIAN-CVE-2024-46740

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

UBUNTU-CVE-2024-46740

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6688-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6688-1 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a...