333 matches found
The vulnerability of the SCTP socket buffer in the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the SCTP socket buffer in Linux operating systems is related to the use of memory after the cgroups subsystem is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Virtuozzo ReadyKernel patch 123.0 for Virtuozzo Hybrid Server 7.0, 7.5, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0
The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7, Virtuozzo Infrastructure Platform, and Virtuozzo Hybrid Infrastructure. Vulnerability id: PSBM-126014 3.10.0-1127.18.2.vz7.163.46 The number of...
CVE-2021-20194
There is a vulnerability in the Linux kernel versions higher than 5.2 if the kernel is compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered. As result of BPF execution, the local user...
CVE-2021-20194
CVE-2021-20194 affects Linux kernels 5.2+ when compiled with CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, and without hardened_usercopy; a BPF execution bug in __cgroup_bpf_run_filter_getsockopt() can cause a heap overflow. Local attackers can potentially cause DoS o...
CVE-2021-20194
There is a vulnerability in the Linux kernel versions higher than 5.2 if the kernel is compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered. As result of BPF execution, the local user...
systemd bug fix and enhancement update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...
SUSE SLES15 Security Update : podman (SUSE-SU-2020:3378-1)
This update for podman fixes the following issues: Security issue fixed: This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804). Non-security issues fixed: add dependency to timezone package or podman fai...
Low: Red Hat Security Advisory: systemd security, bug fix, and enhancement update
An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Security update for conmon, fuse-overlayfs, libcontainers-common, podman (moderate)
openSUSE Security Update: Security update for conmon, fuse-overlayfs, libcontainers-common, podman Announcement ID: openSUSE-SU-2020:1559-1 Rating: moderate References: 1162432 1164090 1165738 1171578 1174075 1175821 1175957 Cross-References: CVE-2020-1726 Affected Products: openSUSE Leap 15.2 An...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
The vulnerability of the Linux operating system’s kernel cgroups function, allowing a hacker to execute arbitrary code
The vulnerability of the Linux operating system’s kernel cgroups function is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2020-25220
A flaw was found in the Linux kernel. The cgroups feature is affected by a use-after-free memory flaw that was not considered during the backport for CVE-2020-14356. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
Design/Logic Flaw
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
UBUNTU-CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...
CVE-2020-25220
CVE-2020-25220 is a Linux kernel local use-after-free vulnerability in the cgroup subsystem caused by not accounting for skcd->no_refcnt during a backport of CVE-2020-14356. Affects 4.9.x (before 4.9.233), 4.14.x (before 4.14.194), and 4.19.x (before 4.19.140). The issue originates from backpo...
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature...