48 matches found
CVE-2024-35910
CVE-2024-35910: In the Linux kernel, TCP timer termination for kernel sockets was improved. Previously, inet_csk_clear_xmit_timers() stopped timers via del_timer(), which could allow in-flight kernel-timers to finish after the associated netns had been dismantled, risking use-after-free when the ...
kernel: IPv6 connect causes DoS via NULL pointer dereference
A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system...
Ubuntu: Security Advisory (USN-1275-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 11.10 : linux vulnerability (USN-1275-1)
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...
USN-1260-1: Linux kernel (OMAP4) vulnerability
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...
Ubuntu Update for linux-lts-backport-maverick USN-1187-1
Ubuntu Update for Linux kernel vulnerabilities USN-1187-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11871.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1187-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
USN-1187-1: Linux kernel (Maverick backport) vulnerabilities
It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...
kernel: uninit op in SOCKOPS_WRAP() leads to privesc
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...