CVE-2024-44946
CVE-2024-44946 affects the Linux kernel kcm subsystem (kcm_sendmsg). The issue was a use-after-free/race: while MSG_MORE skb construction was in progress, another thread could touch it, leading to a double-free in kcm_release() when the skb remained in the write queue. The fix serialises kcm_send...
CVE-2024-44946 kcm: Serialise kcm_sendmsg() for the same socket.
In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenario is: 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb. 2. Thread A resumes building skb from kcm->seq_skb but is blocked by...
CVE-2023-52527 ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data(). Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE) happened previously) when appending to an IPv4 or IPv6...
CVE-2017-1000112
An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building a UFO packet with the MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privilege...
EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1256)
According to the version of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in...
CVE-2017-6347
CVE-2017-6347 is a vulnerability in the Linux kernel before version 4.10.1 (net/ipv4/ip_sockglue.c: ip_cmsg_recv_checksum). The flaw arises from incorrect assumptions about skb data layout, allowing a local attacker to trigger a denial of service via a buffer over-read...
CVE-2017-6347
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated b...
CentOS Update for kernel CESA-2009:1233 centos3 i386
Check for the Version of kernel. OpenVAS Vulnerability Test: CentOS Update for kernel CESA-2009:1233 centos3 i386. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it und...
RedHat Security Advisory RHSA-2009:1457
The remote host is missing updates announced in advisory RHSA-2009:1457. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in the Linux kernel...
CVE-2009-2698
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket...
Null pointer dereference
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket...
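Linux Kernel udp_sendmsg() MSG_MORE Flag Local Privilege Escalation Vulnerability
BUGTRAQ ID: 36108 CVE(CAN) ID: CVE-2009-2698 The Linux Kernel is the kernel used by the open-source operating system Linux. A vulnerability exists in the Linux Kernel's udp_sendmsg() implementation when the MSG_MORE flag is used on a UDP socket; a local unprivileged user can exploit it to cause a denial of service or escalate privileges. Linux kernel 2.6.x Vendor patch: Debian ------ Debian has released a security advisory (DSA-1872-1) and corresponding patches for this issue: DSA-1872-1:New Linux 2.6.18 packages fix several vulnerabilities...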