15 matches found
CVE-2023-51781
An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use-after-free because of an atalkrecvmsg race condition...
Race condition
An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use-after-free because of an atalkrecvmsg race condition...
CVE-2023-51781
An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use-after-free because of an atalkrecvmsg race condition...
CVE-2023-51781
An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use-after-free because of an atalkrecvmsg race condition...
CVE-2023-51781
CVE-2023-51781 affects the Linux kernel up to version before 6.6.8, with a use-after-free in atalk_ioctl (net/appletalk/ddp.c) caused by a race in atalk_recvmsg. The issue is locally exploitable and has a high impact on confidentiality/integity/availability per CVSS. A patch is available in kerne...
CVE-2023-51781
An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use-after-free because of an atalkrecvmsg race condition...
Null pointer dereference
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because registersnapclient may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregistersnapclient, aka CID-9804501fa122...
CVE-2019-17054
atalkcreate in net/appletalk/ddp.c in the AFAPPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c...
CVE-2019-17054
atalkcreate in net/appletalk/ddp.c in the AFAPPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c...
CVE-2019-15292
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalkprocexit, related to net/appletalk/atalkproc.c, net/appletalk/ddp.c, and net/appletalk/sysctlnetatalk.c...
Double free
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalkprocexit, related to net/appletalk/atalkproc.c, net/appletalk/ddp.c, and net/appletalk/sysctlnetatalk.c...
CVE-2019-15292
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalkprocexit, related to net/appletalk/atalkproc.c, net/appletalk/ddp.c, and net/appletalk/sysctlnetatalk.c...
CVE-2019-15292
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalkprocexit, related to net/appletalk/atalkproc.c, net/appletalk/ddp.c, and net/appletalk/sysctlnetatalk.c...
CVE-2013-7267
CVE-2013-7267 (Linux kernel) : Affected component is the atalk_recvmsg function in net/appletalk/ddp.c, vulnerable before 3.12.4. The bug updates a length value without ensuring the associated data structure is initialized, enabling local attackers to leak kernel memory via recvfrom, recvmmsg, or...
CVE-2013-7267
The atalkrecvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3...