7 matches found
SUSE CVE-2026-52923
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
CVE-2026-52923
The CVE-2026-52923 issue affects the Linux kernel IPC ID allocation in the checkpoint/restore path. ipc_idr_alloc() forwards the next_id request to idr_alloc() with an open-ended upper bound, so if the valid SysV IPC id tail is full the allocation can spill past ipc_mni. The encoded id may then r...
SUSE CVE-2024-57892
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...
Malicious code in next-id-doc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b8ec553ac410688ce195e0361743232f4c5c356df00d5dfb465da50060f8eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8734 Malicious code in next-id-doc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b8ec553ac410688ce195e0361743232f4c5c356df00d5dfb465da50060f8eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security feature bypass
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...
UBUNTU-CVE-2013-0342
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...