Lucene search
K

39 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A vulnerability was discovered in the cgroupreleaseagentwrite function of the Linux kernel, within the kernel/cgroup/cgroup-v1.c file. Under certain circumstances, this flaw allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass namespace isolation unexpectedly...

7.8CVSS6.9AI score0.05528EPSS
Exploits12References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/01 12:0 a.m.19 views

VulnCheck KEV: CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

7.8CVSS6.9AI score0.05528EPSS
In wildExploits12References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow A UAF can occur when reading /proc/cpuset, as reported in 1. This issue can be reproduced using the following methods: 1. Add an mdelay1000 before acquiring the cgrouplock in the...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 1:31 p.m.19 views

CVE-2026-43916

Summary: pam_authnft is affected by a heap buffer over-read in peer_lookup_tcp (src/peer_lookup.c:134) that could allow a crafted NETLINK_SOCK_DIAG reply to bypass the message-size check and dereference past the end of the allocation. This vulnerability exists prior to version 0.2.0-alpha and is ...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 1:31 p.m.12 views

EUVD-2026-29474

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992815 advisory. In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dlcpubusy panic due to empty cs-cpusallowed With cgroup v2, the cpuset's...

7.1CVSS6AI score0.00159EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992555 advisory. In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dlcpubusy panic due to empty cs-cpusallowed With cgroup v2, the cpuset's...

7.1CVSS6AI score0.00159EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/11/12 10:36 a.m.9 views

Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 Includes an important fix for the CPUSet translation for...

7.8CVSS6.8AI score0.0067EPSS
Exploits4References10
OSV
OSV
added 2025/11/10 2:45 p.m.3 views

SUSE-SU-2025:21036-1 Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 - Includes an important fix for the CPUSet translation for...

8.4CVSS6.9AI score0.0067EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414536 advisory. A use-after-free flaw was found in cgroup1parseparam in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege coul...

8.8CVSS6.7AI score0.01206EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-55369

Malicious code in bioql PyPI...

7.1AI score0.00159EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:8 a.m.6 views

Cri-o: pods are able to break out of resource confinement on cgroupv2

...

7.5CVSS7AI score0.00859EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in cgroup1parseparam in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege...

8.8CVSS6.6AI score0.01206EPSS
Exploits2References2
OSV
OSV
added 2024/08/17 10:15 a.m.6 views

DEBIAN-CVE-2024-43853

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

5.5CVSS5.6AI score0.00223EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.3 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/06/21 3:52 a.m.4 views

SUSE CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

3.3CVSS5.8AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2024/06/19 3:15 p.m.1 views

UBUNTU-CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/01/17 5:47 p.m.4 views

cri-o: Pods are able to break out of resource confinement on cgroupv2

A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node...

7.5CVSS5.7AI score0.00859EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.4 views

PT-2023-36236 · Conmon · Conmon

Name of the Vulnerable Software and Affected Versions: conmon versions prior to 2.1.7 Description: The issue concerns conmon, where several bugs have been fixed, including leaking symbolic links in the opt socket path directory, cgroup oom issues, and OOM watcher for cgroupv2 oom kill events. The...

7.4AI score
Exploits0References4
Rows per page
Query Builder