59 matches found
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in the way the “flags” member of the new pipe buffer structure lacked proper initialization in the copypagetoiterpipe and pushpipe functions of the Linux kernel. As a result, these members could contain stale values. An unprivileged local user could exploit this flaw to writ...
net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer
...
SUSE CVE-2026-31507
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...
EUVD-2026-24885
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...
CVE-2026-31507 net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...
CVE-2026-31507
CVE-2026-31507 affects the Linux kernel SMC module (net/smc). The vulnerability is a double-free of the per-buffer state (smc_spd_priv) when tee(2) duplicates a splice pipe buffer, leading to a use-after-free and a kernel NULL pointer dereference, ultimately causing a kernel panic. The root cause...
PT-2026-34412
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smc spd priv when tee duplicates splice pipe buffer smc rx splice allocates one smc spd priv per pipe buffer and stores the pointer in pipe buffer.private. The pipe buf operations for these buffers use...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001572 advisory. A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the...
kernel security update
3.10.0-1160.119.1.0.4.el7.OL7 - fuse: fix pipe buffer lifetime for directio Miklos Szeredi 3.10.0-1160.119.1.0.4.el7.OL7...
Exploit for Improper Initialization in Linux Linux_Kernel
CSE 5380: Information Security Paper CVE-2022-0847 Dirty Pip...
Rocky Linux 8 : kernel-rt (RLSA-2022:0819)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0819 advisory. - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
Unbreakable Enterprise kernel security update
4.1.12-124.66.3 - fuse: fix pipe buffer lifetime for directio Miklos Szeredi Orabug: 33981149 CVE-2022-1011 - vt: drop old FONT ioctls Jiri Slaby Orabug: 34408794 CVE-2021-33656 - video: ofdisplaytiming.h: include errno.h Hsin-Yi Wang Orabug: 34408910 CVE-2021-33655 - fbcon: Disallow setting font...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1782)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-011 (ALASKERNEL-5.10-2022-011)
The version of kernel installed on the remote host is prior to 5.10.102-99.473. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-011 advisory. AMD recommends using a software mitigation for this issue, which the kernel is enabling by default. The...