27 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
A race condition was detected in the Linux kernel’s watch queue due to a missing lock in the piperesizering function. The specific flaw lies in the handling of pipe buffers. The problem arises from the lack of proper locking when performing operations on an object. This flaw allows a local user t...
EUVD-2026-24885
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992728)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992728 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers...
EUVD-2022-35180
Malicious code in bioql PyPI...
Linux Kernel 5.16 Dirty Pipe Improper Handling
Proof of concept for the Dirty Pipe vulnerability that affects Linux kernel versions 5.6 through 5.16. This vulnerability allows local privilege escalation by exploiting improper handling of pipe buffers in the kernel, enabling an attacker to modify read-only files such as SUID binaries and execu...
DEBIAN-CVE-2025-23138
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers charged to user-pipebufs without updating the pipe-nraccounted on the pipe itself, due to the if !pipehaswatchqueue test in...
UBUNTU-CVE-2025-23138
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers charged to user-pipebufs without updating the pipe-nraccounted on the pipe itself, due to the if !pipehaswatchqueue test in...
CVE-2025-23138 watch_queue: fix pipe accounting mismatch
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers charged to user-pipebufs without updating the pipe-nraccounted on the pipe itself, due to the if !pipehaswatchqueue test in...
CVE-2025-23138
CVE-2025-23138: In the Linux kernel, watch_queue: fix pipe accounting mismatch. watch_queue_set_size() updated charged pipe buffers for user->pipe_bufs but did not update pipe->nr_accounted due to pipe_resize_ring() guard, risking underflow when a pipe is freed and causing failures in too_m...
CVE-2025-23138 watch_queue: fix pipe accounting mismatch
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers charged to user-pipebufs without updating the pipe-nraccounted on the pipe itself, due to the if !pipehaswatchqueue test in...
AlmaLinux 9 : kpatch-patch (ALSA-2023:0348)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0348 advisory. - A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pi...
AlmaLinux 9 : kernel-rt (ALSA-2023:0300)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0300 advisory. - A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pi...
USN-5616-1: Linux kernel (Intel IoTG) vulnerabilities
Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5602-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5602-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
USN-5594-1: Linux kernel vulnerabilities
Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...
A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.
...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
DEBIAN-CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...