EUVD-2026-21932

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackexpect: use expect-helper Use expect-helper in ctnetlink and /proc to dump the helper name. Using nfcthelp without holding a reference to the master conntrack is unsafe. Use exp-master-helper in ctnetlink pa...

CVE-2025-58346

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/sendaddts write operation, leading to kernel...

EUVD-2025-206703

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 2200, 1330, 1380, 1480, 1580, W920, W930, and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/sendaddts write operation, leading to...

PT-2025-29045

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue was identified in the net/atm/lec.c component of the Linux kernel. Specifically, an error path in the lecd attach function could result in a dangling pointer...

SUSE CVE-2022-49288

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

CLSA-2023-1682712108 kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...

Linux Kernel 2.6.32 Privilege Escalation

Source: http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/ proc Handling of Already Opened Files: Subvert The Stack Base Address Randomization With Suid-Binaries Problem description: Latest ubuntu lucid stock kernel 2.6.32-27-generic contains a bug that allows to keep attached to...

DSA-2264-1 linux-2.6 - several issues

Bulletin has no description...

Linux Kernel 2.6.32 (Ubuntu 10.04) - proc Handling SUID Privilege Escalation

Linux Kernel 2.6.32 Ubuntu 10.04 - proc Handling SUID Privilege Escalation Source: http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/ proc Handling of Already Opened Files: Subvert The Stack Base Address Randomization With Suid-Binaries Problem description: Latest ubuntu lucid sto...

ALSA memory disclosure flaw

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

USN-95-1: Linux kernel vulnerabilities

A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. CAN-2005-0209 The Netfilter code also contained a memory leak. Certain locally generated packet fragmen...