5 matches found
EUVD-2025-13114
Malicious code in bioql PyPI...
CVE-2023-53136
CVE-2023-53136 concerns a Linux kernel af_unix memory leak in OOB support. The root cause is that queue_oob() may hold a reference on a pid via maybe_add_creds(), while skb->destructor is not set (directly or via unix_scm_to_skb()), allowing the reference to be leaked when the skb is freed. Sy...
CVE-2023-53136 af_unix: fix struct pid leaks in OOB support
In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that queueoob calls maybeaddcreds which potentially holds a reference on a pid. But skb-destructor is not set either directly or by calling...
CVE-2023-53136 af_unix: fix struct pid leaks in OOB support
In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that queueoob calls maybeaddcreds which potentially holds a reference on a pid. But skb-destructor is not set either directly or by calling...
CVE-2024-26676
In the Linux kernel, the following vulnerability has been resolved: afunix: Call kfreeskb for dead unixsk-oobskb in GC. syzbot reported a warning 0 in unixgc with a repro, which creates a socketpair and sends one socket's fd to itself using the peer. socketpairAFUNIX, SOCKSTREAM, 0, 3, 4 = 0...