CVE-2022-23089

When dumping core and saving process information, procgetargv might return an sbuf which have a sbuflen of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted psstring, which in turn can cause the kernel to crash...

Out-of-bounds

When dumping core and saving process information, procgetargv might return an sbuf which have a sbuflen of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted psstring, which in turn can cause the kernel to crash...

Linux 5.6 IORING_OP_MADVISE Race Condition

Linux 5.6: IORINGOPMADVISE races with coredumping Last year, I noticed that core dumping iterates over current-mm's VMA list without proper locking, under the assumption that the VMA list can not be modified externally. This assumption was broken by userfaultfd, which can trigger VMA merging...

CVE-2019-3892

A race condition was found between mmgetnotzero/gettaskmm when core dumping tasks. A local attacker is able to exploit race condition where locking of semaphore would allow an attacker to leak kernel memory to userspace...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists due to an incomplete fix for race condition between mmgetnotzero/gettaskmm, and core dumping in CVE-2019-11599...

kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599

The fix for CVE-2019-11599 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmgetnotzero or gettaskmm calls...

kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599

The fix for CVE-2019-11599 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmgetnotzero or gettaskmm calls...

kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...

Ubuntu 6.06 LTS / 6.10 : linux-source-2.6.15/2.6.17 vulnerabilities (USN-451-1)

The kernel key management code did not correctly handle key reuse. A local attacker could create many key requests, leading to a denial of service. CVE-2007-0006 The kernel NFS code did not correctly validate NFSACL2 ACCESS requests. If a system was serving NFS mounts, a remote attacker could sen...

USN-451-1: Linux kernel vulnerabilities

The kernel key management code did not correctly handle key reuse. A local attacker could create many key requests, leading to a denial of service. CVE-2007-0006 The kernel NFS code did not correctly validate NFSACL2 ACCESS requests. If a system was serving NFS mounts, a remote attacker could sen...