3 matches found
UBUNTU-CVE-2024-46771
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcmconnect below. 0 The repro calls connect to vxcan1, removes vxcan1, and calls connect with ifindex == 0. Calling connect for a BCM socket...
kernel: proc: protect mm start_code/end_code in /proc/pid/stat
The dotaskstat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the startcode and endcode fields in the /proc//stat file for a process executing a PIE...
kernel: proc: protect mm start_code/end_code in /proc/pid/stat
The dotaskstat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the startcode and endcode fields in the /proc//stat file for a process executing a PIE...