EUVD-2010-4626

Malware in sbrugna...

DEBIAN-CVE-2025-39767

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Optimize module load time by optimizing PLT/GOT counting When enabling CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD and CONFIGPREEMPTVOLUNTARY at the same time, there will be soft deadlock, the relevant logs are as follows...

Security update for podman

This update for podman fixes the following issues: CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698 Load iptables and ip6tables kernel module bsc1214612 Required for rootless mode as a...

CVE-2023-1380

A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when associnfo-reqlen data is bigger than the size of the buffer, defined as WLEXTRABUFMAX, leading to a denial of service...

CVE-2020-14416

A use-after-free flaw was found in slcanwritewakeup in drivers/net/can/slcan.c in the serial CAN module slcan. A race condition occurs when communicating with can using slcan between the write scheduling the transmit and closing flushing out any pending queues the SLCAN channel. This flaw allows ...

CVE-2010-4661

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules...

Ubuntu: Security Advisory (USN-3935-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3935-1 busybox vulnerabilities

Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....

DEBIAN-CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

UBUNTU-CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

DEBIAN-CVE-2014-9645

The addprobe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / slash character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /sndpcm none /" command...

CVE-2014-9645

The addprobe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / slash character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /sndpcm none /" command...

kernel: crypto api unprivileged arbitrary module load via request_module()

A flaw was found in the way the Linux kernel's Crypto subsystem handled automatic loading of kernel modules. A local user could use this flaw to load any installed kernel module, and thus increase the attack surface of the running kernel...

UBUNTU-CVE-2014-9644

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a parenthesized module template expression in the salgname field, as demonstrated by the vfataes expression, a different vulnerability than...

kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

CVE-2004-2686

Directory traversal vulnerability in the vfsgetvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted 1 mount or 2 sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure...

SuSE Security Announcement: modules

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: modules Announcement-ID: SuSE-SA:2000:44 Date: Monday, November 13th, 2000 10:00 MEST Affected SuSE versions: 6.4, 7.0 Vulnerability Type: local root compromise Severity 1-10: 8 SuSE default package: yes Other affected systems...

insmod.linux.txt

Date: Tue, 30 Mar 1999 22:08:13 -0500 From: Brian Szymanski To: [email protected] Subject: linux insmod bug/security vulnerability Howdy all, Recently I discovered a bug in insmod that would require a lot of time and luck to exploit, but is nonetheless important for systems wanting rock-solid...