Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking conntrack in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol...

MiracleLinux 7 : kernel-3.10.0-514.6.2.el7 (AXSA:2017-1335:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1335:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003412)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003412 advisory. The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002280)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002280 advisory. net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the...

EUVD-2023-60124

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of th...

CVE-2023-53839

The CVE-2023-53839 entry concerns a data race in the Linux kernel's DCCP path. Specifically, dccp_sendmsg() and do_dccp_getsockopt() read dp->dccps_mss_cache before acquiring the socket lock, allowing a race with concurrent updates. The fix adds READ_ONCE()/WRITE_ONCE() annotations and modifie...

USN-7865-1: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-3: Linux kernel (Azure) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7863-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7853-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7853-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7854-1 linux-kvm vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1: Linux kernel (KVM) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

EUVD-2023-42931

Malicious code in bioql PyPI...

dccp: Fix memory leak in dccp_feat_change_recv

...

Linux Kernel Netfilter Conntrack Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DCCP protocol. The issue results from the lack of proper...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6700-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6700-1 advisory. It was discovered that the Layer 2 Tunneling Protocol L2TP implementation in the Linux kernel contained a race condition when releasing...

CVE-2023-52577

In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in "struct dccphdr", not in the "byte 7" as Jann claimed. We need to make sure the ICMP messages are big enough, using more standard ways no more assumptions...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in "struct dccphdr", not in the "byte 7" as Jann claimed. We need to make sure the ICMP messages are big enough, using more standard ways no more assumptions...

CVE-2023-39197

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking conntrack in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol...