Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes. However, a problem arises when someone attempts to create a directory under /proc/net/afs/ with the name of a cell. Thi...

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

EUVD-2025-201186

In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:4081-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4081-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 -...

MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities

The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...

PT-2025-45373

Name of the Vulnerable Software and Affected Versions runc versions 1.0.0-rc3 through 1.2.7 runc versions 1.3.0-rc.1 through 1.3.2 runc versions 1.4.0-rc.1 through 1.4.0-rc.2 Description Insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside a container allow an attacker to tri...

EUVD-2011-3478

Malware in sbrugna...

EUVD-2005-4695

Malware in sbrugna...

CVE-2022-50502

...

EUVD-2025-25549

Malicious code in bioql PyPI...

proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

...

Linux Distros Unpatched Vulnerability : CVE-2025-38003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs...

DEBIAN-CVE-2023-53118

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsiprochostdirrm decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsiaddhostwithdma change sinc...

kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...

AZL-59604 CVE-2025-21999 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

kernel: can: bcm: Fix UAF in bcm_proc_show()

In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcmprocshow BUG: KASAN: slab-use-after-free in bcmprocshow+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 230 Hardwar...

kernel: scsi: core: Fix unremoved procfs host directory regression

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression The Linux kernel CVE team has assigned CVE-2024-26935 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26935-8b4e@gregkh/T...

SUSE CVE-2025-21646

In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/afs/ with the name o...

procps buffer error vulnerability

procps is the procps-ng open source command line and full screen utility for browsing procfs. A security vulnerability exists in procps that stems from allowing a user with the right to run the procps program on a computer to write a virtually unlimited amount of unfiltered data to the process he...

UBUNTU-CVE-2020-1739

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from...