CVE-2024-53210 s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()

In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...

CVE-2024-53210

CVE-2024-53210 affects the Linux kernel (s390/iucv) where passing MSG_PEEK to skb_recv_datagram() increments skb->users refcount and iucv_sock_recvmsg() does not decrement it, causing a skb memory leak during skb_queue_purge() and a WARN_ON during socket destruction. The fix is to decrement sk...

K51025656: Linux kernel vulnerability CVE-2016-10229

Security Advisory Description udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag. CVE-2016-10229 Impact There is no impact; F5...

Remote Code Execution (RCE)

udp.c in the Linux kernel is vulnerable Remote Code Execution RCE. It allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...

CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...

Code injection

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...

CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...

CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...

Code injection

The skbrecvdatagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSGPEEK flag with zero-length data, which allows local users to cause a denial of service infinite loop and system hang via a crafted application...

CVE-2013-0290

The skbrecvdatagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSGPEEK flag with zero-length data, which allows local users to cause a denial of service infinite loop and system hang via a crafted application...