37 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ping: A potential NULL dereference issue has been fixed for /proc/net/icmp. After the commit dbca1596bbb0 “ping: convert to RCU lookups, get rid of rwlock”, we use RCU for ping sockets. However, we should use a spinlock for...
CVE-2023-53987
A flaw was found in the Linux kernel. A local attacker could exploit a potential NULL dereference vulnerability in the ping socket handling when accessing /proc/net/icmp. This issue arises from an incorrect use of Read-Copy Update RCU instead of a spinlock. Successful exploitation of this flaw...
CVE-2023-53987
In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...
CVE-2023-53987
The CVE-2023-53987 issue affects the Linux kernel’s ping handling, where a potential NULL dereference in /proc/net/icmp could be triggered by an incorrect use of Read-Copy-Update (RCU) for ping sockets. The root cause, as stated in multiple sources, is using RCU lookups instead of a spinlock for ...
CVE-2023-53987 ping: Fix potentail NULL deref for /proc/net/icmp.
In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...
PT-2025-52944
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a potential NULL dereference within the /proc/net/icmp interface when using ping sockets. The issue arose after a commit dbca1596bbb0...
SUSE CVE-2013-6432
The pingrecvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service NULL pointer dereference and system crash by leveraging unspecified privileges to execute a crafte...
Mageia: Security Advisory (MGASA-2015-0221)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DOS)
Linux kernel is vulnerable to denial of service DOS attacks. The vulnerability exists because the pingunhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe. Local attackers with access ...
kernel: ping socket / AF_LLC connect() sin_family race
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system...
kernel: ping socket / AF_LLC connect() sin_family race
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system...
kernel: ping socket / AF_LLC connect() sin_family race
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system...
CVE-2017-2671
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system...
RHEL 7 : kernel-rt (RHSA-2015:1565)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1565 advisory. - kernel: netfilter connection tracking extensions denial of service CVE-2014-9715 - kernel: execution in the early microcode loader...
kernel: ping sockets: use-after-free leading to local privilege escalation
It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On...
kernel: ping sockets: use-after-free leading to local privilege escalation
It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On...
kernel: ping sockets: use-after-free leading to local privilege escalation
It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On...
kernel: ping sockets: use-after-free leading to local privilege escalation
It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On...
kernel: ping sockets: use-after-free leading to local privilege escalation
It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On...
[SECURITY] [DSA 3290-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3290-1 [email protected] https://www.debian.org/security/ Ben Hutchings June 18, 2015 https://www.debian.org/security/faq -...