Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-423736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-423736 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6getifaddr and ipv6deladdr Although ipv6getifaddr walks...

DEBIAN-CVE-2022-49632

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...

UBUNTU-CVE-2022-49632

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that sysctlicmperrorsuseinboundifaddr may be concurrently modified on read, resulting in data...

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

SUSE CVE-2024-35969

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6getifaddr and ipv6deladdr Although ipv6getifaddr walks inet6addrlst under the RCU lock, it still means hlistforeachentryrcu can return an item that got removed from the list. The memory itself...

UBUNTU-CVE-2024-35969

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6getifaddr and ipv6deladdr Although ipv6getifaddr walks inet6addrlst under the RCU lock, it still means hlistforeachentryrcu can return an item that got removed from the list. The memory itself...

macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl Exploit

macOS ifaaddr-safamily != AFINET6 // - crash here IFAUNLOCKifa; error = EAFNOSUPPORT; break; Note that IFALOCK is called on user-provided data; it appears that there is an opportunity for memory corruption a controlled write when using indirect mutexes via LCKMTXTAGINDIRECT see lckmtxlockslow...

Apple macOS &lt; 10.14.5 / iOS &lt; 12.3 XNU - Wild-read due to bad cast in stf_ioctl

/ Reproduction Tested on macOS 10.14.3: $ clang -o stfwildread stfwildread.cc $ ./stfwildread Explanation SIOCSIFADDR is an ioctl that sets the address of an interface. The stf interface ioctls are handled by the stfioctl function. The crash occurs in the following case where a struct ifreq is re...