Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414364 advisory. There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. W...

Linux Distros Unpatched Vulnerability : CVE-2022-42895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers...

CVE-2024-50110

CVE-2024-50110 is a Linux kernel vulnerability fixed by ensuring xfrm algorithm dumping does not leak kernel-infoleak data to userspace. The issue could expose uninitialized or padding-filled data from kernel structures via netlink/dumping paths; padding in dumped algorithm data could reveal sens...

CVE-2021-47597 inet_diag: fix kernel-infoleak for UDP sockets

In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...

K15122200: Linux kernel vulnerability CVE-2019-3460

Security Advisory Description A heap data infoleak in multiple locations including L2CAPPARSECONFRSP was found in the Linux kernel before 5.1-rc1. CVE-2019-3460 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5875-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5875-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-12117)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12117 advisory. - ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC Sasha Levin Orabug: 34653896 CVE-2022-3303 - Bluetooth: L2CAP: Fix accepting connection request for invali...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12009)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12009 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12008)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12008 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882779 CVE-2022-4378 - proc: avoid integer type confusi...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1102)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel...

PT-2022-36335 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.25 through 5.10.154 Description: The issue is related to an infoleak when sending struct ifaddrlblmsg to the network, specifically affecting IPv6 addrlabel. The actual impact and attack plausibility have not yet been...

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1888 (ALAS-2022-1888)

The version of kernel installed on the remote host is prior to 4.14.299-223.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1888 advisory. In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. Th...

Design/Logic Flaw

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

CVE-2022-42895 Info Leak in l2cap_core in the Linux Kernel

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

PT-2022-6333 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap core.c's l2cap parse conf req function, which can be used to leak kernel pointers remotely...

Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field Exploit

Exploit for linux platform in category dos / poc / Linux tai. If doadjtimex doesn't write to -tai e.g. because the arguments are invalid, compatputtimex then copies the uninitialized -tai field to userspace. Demo: $ cat leak32.c / include include include include include include include / from...

PHP SoapFault Type Confusion

Type Confusion Infoleak Vulnerability in unserialize with SoapFault Taoguang Chen - Write Date: 2015.3.1 - Release Date: 2015.4.28 A type confusion vulnerability was discovered in unserialize with SoapFault object's toString magic method that can be abused for leaking arbitrary memory blocks...

[oss-security] CVE-2014-1739: Kernel Infoleak vulnerability in,media_enum_entities&#40;&#41;

Hi, We found an infoleak vulnerability in the ioctl mediaenumentities that allows to disclose 200 bytes the kernel process' stack. The vulnerability is exploitable on versions up to linux-3.15-rc3 by local users with read access to /dev/media0. Linux distributions ship with chmod 600 /dev/media0...