Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actmirred: Do not override retval if we have already lost the skb. If we are redirecting the skb, and have not yet called tcfmirredforward, we need to inform the kernel to discard the skb by setting the retcode to SHOT...

EUVD-2016-3421

Malware in sbrugna...

UBUNTU-CVE-2024-26739

In the Linux kernel, the following vulnerability has been resolved: net/sched: actmirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcfmirredforward, yet, we need to tell the core to drop the skb by setting the retcode to SHOT. If we have...

macOS - 'process_policy' Stack Leak Through Uninitialized Field

/ The syscall processpolicyscope=PROCPOLICYSCOPEPROCESS, action=PROCPOLICYACTIONGET, policy=PROCPOLICYRESOURCEUSAGE, policysubtype=PROCPOLICYRUSAGECPU, attrp=, targetpid=0, targetthreadid= causes 4 bytes of uninitialized kernel stack memory to be written to userspace. The call graph looks as...

Type confusion exists in _cancel_eval Ruby's TclTkIp class

Type confusion exists in canceleval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution...

Ruby '_cancel_eval' Class Arbitrary Code Execution Vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. An arbitrary command execution vulnerability exists in the 'canceleval' class in Ruby versions 2.2.2 Tcl/Tk8.6, 2.3.0 dev. The vulnerability can be...