Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a potential “struct net” leak in inet6rtmgetaddr. It appears that if the user space provides a correct IFATARGETNETNSID value, but no IFAADDRESS or IFALOCAL attributes are set, inet6rtmgetaddr will return -EINVAL, alo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006772 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential struct net leak in inet6rtmgetaddr It seems that if userspace provides a...

kernel: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

A flaw was discovered in the Linux kernel's IPv6 implementation, specifically within the inet6rtmgetaddr function. The issue arises when user space provides a valid IFATARGETNETNSID value but omits the IFAADDRESS and IFALOCAL attributes. In such cases, the function returns an -EINVAL error while...

SUSE CVE-2024-27417

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6rtmgetaddr It seems that if userspace provides a correct IFATARGETNETNSID value but no IFAADDRESS and IFALOCAL attributes, inet6rtmgetaddr returns -EINVAL with an elevated "struct net...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a double release vulnerability in nvmeidns...

Gitlab 11.4.7 Remote Code Execution

Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...

CVE-2018-14646

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the netlinknscapable function in the net/netlink/afnetlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service...

Mozilla: Use-after-free in the IME State Manager (MFSA 2012-87)

Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors,...