Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue of protecting the fetch of -fdfd in dodup2 from mispredictions has been addressed. Both callers have ensured that fd is not greater than -maxfds; however, a misprediction might lead to the speculative execution of tofre...

EUVD-2003-0470

Malware in sbrugna...

EUVD-2008-0990

Malware in sbrugna...

EUVD-2016-9488

Malware in sbrugna...

CVE-2016-9962

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...

RunC Exec Vulnerability | Cloud Foundry

Medium Vendor Open Containers Initiative Description RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2005-0205

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...

CVE-2003-0489

tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute...