8 matches found
MiracleLinux 8 : glibc-2.28-164.el8 (AXSA:2021-2585:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2585:08 advisory. glibc: Arbitrary read in wordexp CVE-2021-35942 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c CVE-2021-27645 glibc: mqnotify...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003418)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003418 advisory. The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlin...
SUSE CVE-2021-38604
In librt in the GNU C Library aka glibc through 2.34, sysdeps/unix/sysv/linux/mqnotify.c mishandles certain NOTIFYREMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix...
CLSA-2022-1643727522 Fix of CVE: CVE-2021-35942, CVE-2021-27645, CVE-2021-33574
CVE-2021-27645: nscd: Fix double free in netgroupcache 1927877 - CVE-2021-33574: Deep copy pthread attribute in mqnotify 1966472 - CVE-2021-35942: wordexp: handle overflow in positional parameter number 1979127 - librt: fix NULL pointer dereference 1966472...
The vulnerability of the `sysdeps/unix/sysv/linux/mq_notify.c` component in the glibc library allows a attacker to cause a service failure.
The vulnerability of the sysdeps/unix/sysv/linux/mqnotify.c component of the glibc library is related to the handling of zero pointers. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
kernel: Use-after-free in sys_mq_notify()
A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mqnotify function, a local attacker could potentially use this flaw to escalate their privileges on the system...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
PT-2017-2476 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.11.9 Description: The issue is related to the mq notify function in the Linux kernel, which does not set the sock pointer to NULL upon entry into the retry logic. This allows attackers to cause a denial of...