Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fixed out-of-bound access when a valid event group is used. The perf tool allows users to create event groups using the cmd 1. However, the driver does not check whether the array index is out of bounds...

kernel: race condition in perf_event_open leads to privilege escalation

A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERFTYPETRACEPOINT and sub PERFEVENTHARDWARE plus the PERFEVENTSOFTWARE using the perfeventopen function with these thr...

CVE-2021-42372

A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...

LPAR2RRD 操作系统命令注入漏洞

Xorux LPAR2RRD is a server monitoring tool from the Czech company Xorux. A security vulnerability in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD versions prior to 7.30 can be exploited by an attacker to execute arbitrary shell commands while a user is running a service...

DEBIAN-CVE-2013-4254

The validateevent function in arch/arm/kernel/perfevent.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by adding a hardware event to an event group led by a software event...