EUVD-2021-20261

Malware in sbrugna...

CVE-2021-33574

The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...

CVE-2017-11176

A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mqnotify function, a local attacker could potentially use this flaw to escalate their privileges on the system...

Critical: kernel

Issue Overview: Exploitable memory corruption due to UFO to non-UFO path switch CVE-2017-1000112 heap out-of-bounds in AFPACKET sockets CVE-2017-1000111 The mqnotify function in the Linux kernel does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a...

CVE-2017-11176

The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service use-after-free or possibly have unspecified other impact...

CVE-2017-11176

The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service use-after-free or possibly have unspecified other impact...