Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: rds: Fixed a memory leak in rdsrecvmsg. Syzbot reported a memory leak in rds. The problem occurred when the reference count was not decremented in case of an error. The code for rdsrecvmsg is as follows: c struct socket...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002818)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002818 advisory. The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003510)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003510 advisory. In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leadin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002802 advisory. The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000639 advisory. The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive...

ROS-20260113-7319

A vulnerability in the ipcmsgrecv function of the Linux operating system kernel is related to information disclosure due to discrepancies. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

MAL-2025-14768 Malicious code in arc-branch-to-cmsg (npm)

The package arc-branch-to-cmsg was found to contain malicious code...

Malicious code in arc-branch-to-cmsg (npm)

The package arc-branch-to-cmsg was found to contain malicious code...

Malicious code in branch-to-cmsg (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1838 Malicious code in branch-to-cmsg (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.323.8.el7 - vhost-scsi: Fix alignment handling with windows Mike Christie Orabug: 35769318 - Revert 'vhost/scsi: support non zerocopy iovecs' Rajan Shanmugavelu Orabug: 35769318 5.4.17-2136.323.7.el7 - x86: change default to specstorebypassdisable=prctl spectrev2user=prctl Andrea...

Malicious Package

Overview branch-to-cmsg is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

SUSE CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

PT-2024-11256 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak has been resolved in the Linux kernel, specifically in the rds recvmsg function. The issue was caused by an unputted refcount in case of error. When rds cmsg recv fails,...

kernel: Null pointer dereference in rds_atomic_free_op() allowing denial-of-service

In the Linux kernel through 4.14.13, the rdscmsgatomic function in 'net/rds/rdma.c' mishandles cases where page pinning fails or an invalid address is supplied by a user. This can lead to a NULL pointer dereference in rdsatomicfreeop and thus to a system panic...

DEBIAN-CVE-2018-5333

In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rdsatomicfreeop NULL pointer dereference...

DEBIAN-CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

PT-2017-3518 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.10.1 Description: The issue is related to the ip cmsg recv checksum function in the Linux kernel, which has incorrect expectations about skb data layout. This can be exploited by local users to cause a denial ...

DEBIAN-CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...