Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.13 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007286)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007286 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...

4.7CVSS6.2AI score0.00193EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/05 11:52 a.m.5 views

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

5.8AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/04 6:55 p.m.5 views

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

5.8AI score0.00203EPSS
Exploits0References5
OSV
OSV
added 2025/12/30 1:16 p.m.8 views

UBUNTU-CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

5.7AI score0.00167EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.6 views

CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

5.7AI score0.00167EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/05 4:14 p.m.5 views

CVE-2025-40248

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

7CVSS5.7AI score0.00203EPSS
Exploits0References4
NVD
NVD
added 2025/12/04 4:16 p.m.7 views

CVE-2025-40248

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

0.00203EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/04 4:8 p.m.23 views

CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

0.00203EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/04 4:8 p.m.4 views

EUVD-2025-201209

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

5.8AI score0.00203EPSS
Exploits0References6
CVE
CVE
added 2025/12/04 4:8 p.m.33 views

CVE-2025-40248

CVE-2025-40248 affects the Linux kernel vsock connect path, where signaling/timeout handling can race with established sockets, potentially causing use-after-free, sockmap state issues and linger behavior. Public advisories (MGASA-2026-0018 and vendor advisories) confirm a fix in kernel versions ...

6AI score0.00203EPSS
Exploits0References9
OSV
OSV
added 2025/12/04 4:8 p.m.3 views

CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

6.3AI score0.00203EPSS
Exploits0References11
OSV
OSV
added 2025/02/27 2:15 a.m.4 views

DEBIAN-CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

4.7CVSS5.7AI score0.00137EPSS
Exploits0References1
OSV
OSV
added 2025/02/27 2:15 a.m.2 views

UBUNTU-CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

4.7CVSS6.5AI score0.00137EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.4 views

kernel: af_unix: Fix garbage collector racing against connect()

A flaw was found in the Linux kernel, where the management of inter-process communication uses AFUNIX sockets. The issue arises from a race condition where a partially initialized socket with specific permissions carrying SCMRIGHTS is improperly handled during garbage collection. This situation...

4.7CVSS6.7AI score0.00193EPSS
Exploits0References5
OSV
OSV
added 2024/07/30 8:15 a.m.2 views

UBUNTU-CVE-2024-42152

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

4.7CVSS6.1AI score0.00224EPSS
Exploits0References25
Amazon
Amazon
added 2024/05/20 12:0 a.m.5 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching...

5.5CVSS6.7AI score0.00246EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/04/25 11:11 p.m.5 views

SUSE CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...

7CVSS6.2AI score0.00193EPSS
Exploits0References216
OSV
OSV
added 2022/08/31 4:15 p.m.3 views

DEBIAN-CVE-2022-1247

An issue found in linux-kernel that leads to a race condition in roseconnect. The rose driver uses roseneigh-use to represent how many objects are using the roseneigh. When a user wants to delete a roseroute via roseioctl, the rose driver calls rosedelnode and removes neighbours only if their...

7CVSS7.3AI score0.00258EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2022/07/19 9:9 p.m.5 views

kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information...

6.8CVSS6.6AI score0.01747EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.4 views

kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information...

6.8CVSS6.6AI score0.01747EPSS
Exploits1References7
Rows per page
Query Builder