Lucene search
K

29 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dmcrypt: added condresched to dmcryptwrite. The loop in dmcryptwrite may run for an unlimited amount of time; therefore, condresched is needed in it. This commit fixes the following warnings: 3391.153255 C12 watchdog: BUG: sof...

5.5CVSS6.4AI score0.00186EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.14 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992921)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992921 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...

5.5CVSS6.5AI score0.00186EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992693 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...

5.5CVSS6.5AI score0.00186EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992601)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992601 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...

5.5CVSS6.5AI score0.00186EPSS
Exploits0References4
OSV
OSV
added 2025/09/16 2:48 p.m.10 views

CLSA-2025-1758034087 kernel: Fix of 24 CVEs

tls: always refresh the queue when reading sock CVE-2025-38471 - Bluetooth: hcicore: Fix use-after-free in vhciflush CVE-2025-38250 - i2c/designware: Fix an initialization issue CVE-2025-38380 - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds CVE-2025-38159 - mm/hugetlb:...

7.8CVSS6.6AI score0.00457EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixe...

5.5CVSS6.6AI score0.00186EPSS
Exploits0References3
OSV
OSV
added 2025/06/13 2:19 p.m.4 views

OESA-2025-1626 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written...

7.8CVSS6.5AI score0.0019EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/05/03 2:51 a.m.2 views

SUSE CVE-2023-53051

In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...

5.5CVSS6.4AI score0.00186EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.3 views

CVE-2023-53051

In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...

5.5CVSS6.2AI score0.00186EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/05/02 4:15 p.m.7 views

DEBIAN-CVE-2023-53051

In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...

5.5CVSS5.4AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.1 views

UBUNTU-CVE-2023-53051

In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...

5.5CVSS6.1AI score0.00186EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmcryptwrite function not adding condresched, which could lead to a soft lockup...

5.5CVSS6.4AI score0.00186EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.10 views

The vulnerability of Ubuntu and Debian GNU/Linux operating systems allows attackers to enhance their privileges.

The vulnerability of Ubuntu and Debian GNU/Linux operating systems is related to errors in error handling. Exploiting this vulnerability can allow an intruder to increase their privileges locally. The dmcrypt-get-device utility, which comes with the Ubuntu package for extraction, does not check t...

7.2CVSS7.1AI score0.00469EPSS
Exploits0References5Affected Software2
CNVD
CNVD
added 2017/05/24 12:0 a.m.7 views

Eject dmcrypt-get-device local code execution vulnerability

dmcrypt-get-device is in the debian and Linux eject packages. eject is the command to eject the CD and run CD-Changers under Linux. A local code execution vulnerability exists in eject dmcrypt-get-device. A local attacker could exploit this vulnerability to execute arbitrary code using elevated...

7.8CVSS8.1AI score0.00469EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/03/30 12:0 a.m.29 views

Debian DSA-3823-1 : eject - security update

Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid and setgid when dropping privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.8CVSS7.3AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2017/03/28 1:59 a.m.3 views

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.8CVSS5.9AI score0.00469EPSS
Exploits0References5
NVD
NVD
added 2017/03/28 1:59 a.m.16 views

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.8CVSS7.7AI score0.00469EPSS
Exploits0References5
Prion
Prion
added 2017/03/28 1:59 a.m.17 views

Design/Logic Flaw

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.2CVSS7.5AI score0.00469EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2017/03/28 1:0 a.m.357 views

CVE-2017-6964

CVE-2017-6964 describes a local privilege escalation in eject via the dmcrypt-get-device helper, which does not check return values from setuid() and setgid(). The flaw allows code execution with root privileges when using eject, as reported for Debian/Ubuntu packages (eject versions prior to 2.1...

7.8CVSS7.5AI score0.00469EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2017/03/28 1:0 a.m.29 views

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.6AI score0.00469EPSS
Exploits0References4
Rows per page
Query Builder