2083 matches found
DEBIAN-CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
UBUNTU-CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
Race condition
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
CVE-2022-2959 is a Linux kernel race condition in the watch queue due to a missing lock in pipe_resize_ring(), affecting handling of pipe buffers. The flaw, described in multiple sources (including upstream commit references and security bulletins), can allow a local user to crash the system or e...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in piperesizering. The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a security vulnerability that stems from a lack of locks in its watch queue's piperesizering causing a contention condition. The flaw allows a loc...
"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw CVE-2022-2588 to escalate...
Eternal Terminal 安全漏洞
Eternal Terminal is a remote shell by Jason Gauci Personal Developer. A security vulnerability exists in Eternal Terminal versions prior to 6.2.0, which stems from a combination of a race condition, buffer overflow, and logic error in PipeSocketHandler::listen...
Exploit for Improper Initialization in Linux Linux_Kernel
!Dirty Pipehttps://forum.hackersploit.org/uploads/default/ori...
Code injection
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
...
CVE-2021-41031
A relative path traversal vulnerability CWE-23 in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service...
CVE-2021-41031
A relative path traversal vulnerability CWE-23 in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service...
CVE-2021-41031
CVE-2021-41031 concerns FortiClient for Windows (versions 7.0.2 and prior, 6.4.6 and prior, 6.2.9 and below). A relative path traversal via the FortiESNAC service named pipe allows a local unprivileged attacker to escalate to SYSTEM. Connected sources (Fortinet FG-IR-21-190, Red Hat advisory, NVD...
PT-2022-3863 · Microsoft · Windows Server +1
Name of the Vulnerable Software and Affected Versions: Windows Server versions prior to the fixed version Description: The issue is related to a tampering vulnerability in the Windows Server service, allowing attackers to affect the system. This vulnerability can lead to authentication coercion,...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...