11 matches found
OESA-2026-1642 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early withou...
CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
AZL-79538 CVE-2024-14027 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
UBUNTU-CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
CVE-2024-14027
In the Linux kernel, CVE-2024-14027 affects the xattr path: fremovexattr() calls fdget() but omits fdput() on failure of strncpy_from_user() for the name argument, leaking a file reference per call in multi-threaded processes and enabling local kernel memory exhaustion by an unprivileged user. Th...
CVE-2024-14027 xattr: switch to CLASS(fd)
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of the fdput call in the fremovexattr error path. This vulnerability could potentiall...
Android - binder Use-After-Free via fdget() Optimization Exploit
Android - binder Use-After-Free via fdget Optimization Exploit This bug report describes two different issues in different branches of the binder kernel code. The first issue is in the upstream Linux kernel, commit 7f3dc0088b98 "binder: fix proc-files use-after-free"; the second issue is in the...
Android - binder Use-After-Free via fdget() Optimization
This bug report describes two different issues in different branches of the binder kernel code. The first issue is in the upstream Linux kernel, commit 7f3dc0088b98 "binder: fix proc-files use-after-free"; the second issue is in the wahoo kernel and maybe elsewhere? but at least the android commo...
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() bpf(BPF_PROG_LOAD) Privilege Escalation
Linux Kernel 4.4.x Ubuntu 16.04 - double-fdput bpfBPFPROGLOAD Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtim...
Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' bpf(BPF_PROG_LOAD) Privilege Escalation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtime, unprivileged code can use the bpf syscall to load eBPF socket filter programs...