13 matches found
EUVD-2025-5184
Malicious code in bioql PyPI...
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
...
CVE-2025-21749
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...
CVE-2025-21749 net: rose: lock the socket in rose_bind()
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...
CVE-2025-21749
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...
CVE-2025-21749 net: rose: lock the socket in rose_bind()
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...
CVE-2025-21749
CVE-2025-21749: In the Linux kernel, the Rose network layer is affected. The issue arises in rose_bind() where the socket must be locked to prevent a soft lockup triggered by a repro that binds from multiple threads, as reported by syzbot (rose_loopback_timer()). Affected component: roseBind path...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unlocked socket in the rosebind function, which could lead to a soft lockup...
SUSE CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
CVE-2022-2961
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rosebind function. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
Integer overflow
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...
CVE-2010-3310
Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...