CVE-2026-43088

In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...

Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004239 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...

EUVD-2007-5701

Malware in sbrugna...

UBUNTU-CVE-2024-50293

In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in smccreate Thanks to commit 4bbd360a5084 "socket: Print pf-create when it does not clear sock-sk on failure.", syzbot found an issue with AFSMC: smccreate must clear sock-sk on failur...

SUSE-SU-2024:3695-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3624-1 Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

UBUNTU-CVE-2024-46783

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...

CVE-2024-46783 tcp_bpf: fix return value of tcp_bpf_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...

CVE-2024-46783 tcp_bpf: fix return value of tcp_bpf_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...

CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

DEBIAN-CVE-2023-1032

The Linux kernel iouring IORINGOPSOCKET operation contained a double free in function syssocketfile in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067...

CVE-2023-1032

The Linux kernel iouring IORINGOPSOCKET operation contained a double free in function syssocketfile in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067...

UBUNTU-CVE-2023-1032

The Linux kernel iouring IORINGOPSOCKET operation contained a double free in function syssocketfile in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067...

SUSE CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...

SUSE CVE-2012-4467

The 1 dosiocgstamp and 2 dosiocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service system crash via a crafted ioctl call...

Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour.

...

Arbitrary Code Execution

xen is vulnerable to arbitrary code execution. Lack of adequate sanity-checking of data received via the "net socket listen" option. A malicious local administrator of a guest domain could trigger this flaw to potentially execute arbitrary code outside of the domain...

DEBIAN-CVE-2018-7164

Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by...