2321 matches found
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ila: Call nfunregisternethooks earlier. A use-after-free condition was found in ilanfinput 1. The issue arises from ilaxlatexitnet freeing the rhashtable, followed by the call to nfunregisternethooks. This should be done in th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: Disable the elevator delgendisk. The elevator is only used for file system operations, which are halted during delgendisk. Disabling the elevator and freeing the scheduler tags should be moved to the end of delgendisk,...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: macb: Fixed the call order of unregisternetdev in macbremove. When removing a macb device, the driver calls phyexit before unregisternetdev. This results in a warning from kernfs: ------------ Cut here ------------ kernfs:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: schedext: Preemption between scxclaimexit and the kicking of helper tasks is disabled. scxclaimexit atomically sets the exitkind value, preventing scxerror from triggering further error handling. After claiming exit, the caller...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential null-ptr-dereference issue in tracearray within kprobeeventgentestexit. When testgenkprobecmd fails after kprobeeventgencmdend, it will go to delete, which will call kprobeeventdelete and releas...
Astra Linux - уязвимость в linux-5.15, linux-6.1, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fixed a crash in exitroundrobin The kernel occasionally crashes in cpumaskclearcpu, which is called within exitroundrobin. This occurs when executing clearbitnr, addr with nr set to 0xffffffff. In such cases, the addre...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Tracing: Build event generation tests are now performed only as modules. The kprobes and synth event generation test modules add events and lock those event files during the module initialization function. They also unlock and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshott Mut. It should be freed by kvfree, not kfree. Otherwise, umount will trigger the following errors: 406.829178 BUG:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy. Otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fixed a use-after-free in sndsocexit KASAN reported a use-after-free: BUG: KASAN: Use-after-free in devicedel+0xb5b/0xc60 A size 8 byte read at address ffff888008655050 was performed by the task rmmod/387. CPU: 2; PID...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed the use-after-free issue in ovsctctexit. Since “kfreercu”, which is called during the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb Syzkaller reported a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 A size 4 read at address 0000000000000138 by task file1/1955 CPU: 1 PID: 1955...