Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000986)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000986 advisory. The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privilege...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004403)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004403 advisory. A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001241 advisory. A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001718)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001718 advisory. A race condition was found the Linux kernel in perfeventopen which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several...

EUVD-2018-4667

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-9004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related...

NewStart CGSL MAIN 6.06 : kernel Multiple Vulnerabilities (NS-SA-2023-0083)

The remote NewStart CGSL host, running version MAIN 6.06, has kernel packages installed that are affected by multiple vulnerabilities: - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0107)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system wi...

CVE-2023-6931

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perfevent's readsize can overflow, leading to an heap out-of-bounds increment or write in perfreadgroup. We recommend upgrading past commit...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-023)

The version of kernel installed on the remote host is prior to 5.15.43-20.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-023 advisory. 2024-03-13: CVE-2022-48619 was added to this advisory. 2023-10-12: CVE-2021-3923 was added to this advisor...

K14445: Linux kernel vulnerability CVE-2013-2094

Security Advisory Description The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type. CVE-2013-2094 Impact Local users may be able to gain privileges through a crafted perfeventopen system call. Security Advisory Status F5 Product...

SUSE CVE-2019-3901

A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held during the ptracemayaccess call, it is possible for the specified target task to perform an execve syscall with setuid execution...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5654-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5654-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5647-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5647-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5639-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5639-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Linux kernel competition condition issue vulnerability (CNVD-2022-74091)

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable to a contention problem that originates from a contention problem in the perfeventopen function, which can be exploited by local attackers to elevate privileges...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5602-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5602-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-5599-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5599-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...

Race condition

A race condition was found the Linux kernel in perfeventopen which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc...

CVE-2022-1729

CVE-2022-1729 describes a race condition in the Linux kernel perf_event_open() within the perf subsystem. An unprivileged local user could exploit this to gain root privileges, with potential follow-on impacts such as information leaks or arbitrary code execution as implied by multiple sources. C...