9 matches found
CLSA-2026-1774460378 postgresql11: Fix of 4 CVEs
Fix CVE-2025-1094: Improper neutralization of quoting syntax in libpq escape functions allowing SQL injection. - Fix CVE-2024-7348: TOCTOU race condition in pgdump allows arbitrary SQL function execution via view/foreign table replacement. - Fix CVE-2024-10979: Block environment variable...
Azure Linux 3.0 Security Update: kernel (CVE-2024-27017)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27017 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over curre...
UBUNTU-CVE-2024-27017
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure ...
SUSE CVE-2016-9806
Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
USN-4095-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. CVE-2018-5383 It was discovered that a...
USN-4069-2 linux-hwe vulnerabilities
USN-4069-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. It was discovered that an integer overflow existed in the Linux kernel when reference counting...
DEBIAN-CVE-2016-9806
Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation...