29 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: dmcrypt: added condresched to dmcryptwrite. The loop in dmcryptwrite may run for an unlimited amount of time; therefore, condresched is needed in it. This commit fixes the following warnings: 3391.153255 C12 watchdog: BUG: sof...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992921)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992921 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992693)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992693 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992601 advisory. In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded...
CLSA-2025-1758034087 kernel: Fix of 24 CVEs
tls: always refresh the queue when reading sock CVE-2025-38471 - Bluetooth: hcicore: Fix use-after-free in vhciflush CVE-2025-38250 - i2c/designware: Fix an initialization issue CVE-2025-38380 - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds CVE-2025-38159 - mm/hugetlb:...
Linux Distros Unpatched Vulnerability : CVE-2023-53051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixe...
OESA-2025-1626 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written...
SUSE CVE-2023-53051
In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...
CVE-2023-53051
In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...
DEBIAN-CVE-2023-53051
In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...
UBUNTU-CVE-2023-53051
In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmcryptwrite function not adding condresched, which could lead to a soft lockup...
The vulnerability of Ubuntu and Debian GNU/Linux operating systems allows attackers to enhance their privileges.
The vulnerability of Ubuntu and Debian GNU/Linux operating systems is related to errors in error handling. Exploiting this vulnerability can allow an intruder to increase their privileges locally. The dmcrypt-get-device utility, which comes with the Ubuntu package for extraction, does not check t...
Eject dmcrypt-get-device local code execution vulnerability
dmcrypt-get-device is in the debian and Linux eject packages. eject is the command to eject the CD and run CD-Changers under Linux. A local code execution vulnerability exists in eject dmcrypt-get-device. A local attacker could exploit this vulnerability to execute arbitrary code using elevated...
Debian DSA-3823-1 : eject - security update
Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid and setgid when dropping privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2017-6964
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...
CVE-2017-6964
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...
Design/Logic Flaw
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...
CVE-2017-6964
CVE-2017-6964 describes a local privilege escalation in eject via the dmcrypt-get-device helper, which does not check return values from setuid() and setgid(). The flaw allows code execution with root privileges when using eject, as reported for Debian/Ubuntu packages (eject versions prior to 2.1...
CVE-2017-6964
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...