Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fixed a possible incorrect match in nfosffind. nfosffind incorrectly returns true in case of a mismatch, which leads to copying uninitialized memory areas in nftosf. This can result in leaking stale kerne...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux kernel’s implementation of RDMA over InfiniBand. An attacker with a privileged local account can leak kernel stack information by issuing commands to the /dev/infiniband/rdmacm device node. Although this access is unlikely to reveal sensitive user information, i...

SUSE CVE-2026-23335

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

UBUNTU-CVE-2026-23335

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

CVE-2026-23384

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

CVE-2026-23384 RDMA/ionic: Fix kernel stack leak in ionic_create_cq()

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

CVE-2026-23384 RDMA/ionic: Fix kernel stack leak in ionic_create_cq()

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

CVE-2026-23335

CVE-2026-23335: Linux kernel RDMA/irdma create_user_ah() leak resolved. Root cause: the irdma_create_ah_resp struct contained 4 bytes (rsvd) that were never zeroed, leaking stack memory prior to ib_respond_udata(). Affected code paths thus exposed uninitialized stack content (4 bytes) in the resp...

CVE-2026-23335 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

Linux Distros Unpatched Vulnerability : CVE-2026-23335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid =...

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

PT-2026-27700

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel stack leak exists in the irdma create user ah function within the RDMA/irdma component. The rsvd4 member of the irdma create ah resp structure leaks 4 bytes of stack memory...

EUVD-2020-3260

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-16921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 4.17, hnsroceallocucontext in drivers/infiniband/hw/hns/hnsrocemain.c does not initialize the resp data structure, which might allow...

Linux Distros Unpatched Vulnerability : CVE-2018-17972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the...

CVE-2022-49293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...

UBUNTU-CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information it can be further used to defeat existing kernel protection mechanisms.

...

CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...

UBUNTU-CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...