Unison Desktop OS Personal Edition (1030) x86_64 is vulnerable to integer overflow

Unison Desktop OS Personal Edition is a home-grown desktop operating system built by Unison Software based on the Linux 5.3 kernel and launched specifically for personal users. An integer overflow vulnerability exists in Unisys Desktop OS Personal Edition 1030 x8664. An attacker can exploit the...

glibc security, bug fix, and enhancement update

2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...

Linux 5.3 Insecure Root Path Handling Exploit

Linux versions 5.3 and above appear to have an issue where iouring suffers from insecure handling of the root directory for path lookups. Linux =5.3: iouring: insecure handling of root directory for path lookups When I saw today, I realized that this is not just a small correctness issue, but als...

Linux 5.3 Insecure Root Path Handling

Linux =5.3: iouring: insecure handling of root directory for path lookups When I saw today, I realized that this is not just a small correctness issue, but also has some security implications on existing releases. On 5.5, the incorrect handling of OPENAT means that not only the cwd, but also the...

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

Linux 5.3 - Privilege Escalation via iouring Offload of sendmsg onto Kernel Thread with Kernel Creds Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG...

Linux Kernel 2.4/2.6 - sock_sendpage() Local Root Exploit (PPC Edition)

No description provided by source. / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...

CentOS Update for kernel CESA-2010:0398 centos5 i386

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2010:0398 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits ======================================================================= Linux Kernel 'fasynchelper' Local Privilege Escalation Vulnerability ======================================================================= Credit: Tavis Ormandy...

Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)

No description provided by source. / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...