Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003878)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003878 advisory. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability,...

7.8CVSS8.1AI score0.72105EPSS
Exploits27References15
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000291)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000291 advisory. In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional...

7.4CVSS7.4AI score0.00146EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000425 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no...

7.8CVSS7AI score0.00507EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.4 views

CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

5.7AI score0.00168EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-411363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411363 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually...

7.8CVSS6.4AI score0.00289EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-55512

Malicious code in bioql PyPI...

6.3AI score0.00153EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-49939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, th...

7CVSS6.7AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-52438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the...

7.8CVSS6.2AI score0.00295EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-2213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no...

7.4CVSS7.2AI score0.00146EPSS
Exploits0References2
NVD
NVD
added 2025/07/04 11:15 a.m.12 views

CVE-2025-38176

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfsevictinode Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfsevictinode+0x1de/0x2d0 Write of...

7.8CVSS0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/12/28 3:48 a.m.2 views

SUSE CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

7.8CVSS6.5AI score0.00209EPSS
Exploits0References3
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

DEBIAN-CVE-2024-56556

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...

7CVSS5.8AI score0.00149EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

DEBIAN-CVE-2024-46740

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

7.8CVSS6.3AI score0.00289EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.4 views

UBUNTU-CVE-2024-46740

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

7.8CVSS6.5AI score0.00289EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2024/03/11 12:0 a.m.57 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6688-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6688-1 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a...

7.8CVSS7.8AI score0.78388EPSS
Exploits19References61
OSV
OSV
added 2023/09/18 4:47 p.m.10 views

USN-6339-4 linux-intel-iotg vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.8AI score0.02975EPSS
Exploits0References9
OSV
OSV
added 2023/09/11 2:24 p.m.2 views

USN-6357-1 linux-ibm, linux-ibm-5.4 vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.3AI score0.05794EPSS
Exploits5References15
OSV
OSV
added 2023/09/08 10:26 p.m.5 views

USN-6338-2 linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

9.8CVSS7AI score0.0406EPSS
Exploits0References12
OSV
OSV
added 2023/09/06 4:59 p.m.13 views

USN-6349-1 linux-azure vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.1AI score0.03546EPSS
Exploits2References10
OSV
OSV
added 2023/09/05 11:35 p.m.6 views

USN-6340-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.1AI score0.03546EPSS
Exploits2References10
Rows per page
Query Builder