24 matches found
EUVD-2023-60284
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
EUVD-2023-60363
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
CVE-2023-54161
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-54082
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-54161 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
CVE-2023-54161
...
CVE-2023-54161
CVE-2023-54161 concerns the Linux kernel: a null-pointer dereference in unix_stream_sendpage() caused by racing access to a peer socket’s receive queue when data is queued de-pendently by the last skb. The root cause is the peer’s recv queue being accessed locklessly during garbage collection, en...
CVE-2023-54082
...
CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
CVE-2023-54082
CVE-2023-54082 has been rejected in the official CVE list, but related connected records describe a Linux kernel vulnerability: af_unix, where unix_stream_sendpage() could race with garbage collection, potentially dereferencing an unlocked skb and causing a use-after-free. The root cause is failu...
Linux Distros Unpatched Vulnerability : CVE-2023-53469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro...
CVE-2023-53469
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53469 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...
CVE-2023-53469
CVE-2023-53469 is rejected/not used; not an active vulnerability entry.
PT-2025-40176
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5 Description The Linux kernel contains a flaw in the unix stream sendpage function related to a null pointer dereference. This issue occurs when handling sockets in a specific loop scenario involving garbage...
kernel: use after free in unix_stream_sendpage
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...
kernel: use after free in unix_stream_sendpage
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...
kernel: use after free in unix_stream_sendpage
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...
kernel: use after free in unix_stream_sendpage
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...
kernel: use after free in unix_stream_sendpage
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...