3 matches found
SUSE CVE-2025-21635
In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rdstcprcv,sndbuf: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21642 mptcp: sysctl: sched: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: sched: avoid using current-nsproxy Using the 'net' structure via 'current' is not recommended for different reasons. First, if the goal is to use it to read or write per-netns data, this is inconsistent with how th...
PT-2021-1528 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.160 Description: The issue is related to a use-after-free vulnerability in the Linux kernel through io uring and the IORING OP SPLICE operation. If IORING OP SPLICE is missing the IO WQ WORK FILES flag, whi...