25 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003878)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003878 advisory. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000291)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000291 advisory. In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000425)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000425 advisory. In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no...
CVE-2023-54157
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-411363)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-411363 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually...
EUVD-2022-55512
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, th...
Linux Distros Unpatched Vulnerability : CVE-2023-52438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the...
Linux Distros Unpatched Vulnerability : CVE-2019-2213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no...
CVE-2025-38176
In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfsevictinode Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfsevictinode+0x1de/0x2d0 Write of...
SUSE CVE-2024-56554
In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...
DEBIAN-CVE-2024-56556
In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...
DEBIAN-CVE-2024-46740
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...
UBUNTU-CVE-2024-46740
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6688-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6688-1 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a...
USN-6339-4 linux-intel-iotg vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...
USN-6357-1 linux-ibm, linux-ibm-5.4 vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...
USN-6338-2 linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive vulnerabilities
Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...
USN-6349-1 linux-azure vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...
USN-6340-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...