18 matches found
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2207)
"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does n...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2973-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2973-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
CVE-2023-52656
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2023-52656
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2023-52656
CVE-2023-52656 concerns the Linux kernel io_uring subsystem. The connected documents confirm that the vulnerability arises from dropping any code related to SCM_RIGHTS, i.e., dead code after removing support for passing io_uring fds over SCM_RIGHTS. The practical effect described is that the code...
CVE-2023-52656 io_uring: drop any code related to SCM_RIGHTS
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2023-52656 io_uring: drop any code related to SCM_RIGHTS
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2023-52656 io_uring: drop any code related to SCM_RIGHTS
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2023-52656
In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...
CVE-2024-26923
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...
CVE-2024-26923 af_unix: Fix garbage collector racing against connect()
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...
CVE-2024-26923 af_unix: Fix garbage collector racing against connect()
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...
CVE-2024-26923 af_unix: Fix garbage collector racing against connect()
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...
CVE-2024-26923
CVE-2024-26923 is a Linux kernel vulnerability in AF_UNIX garbage collection. The race occurs when a GC pass enqueues an embryo that has a peer carrying SCM_RIGHTS, causing the inflight set to differ between passes. This can leave a dangling pointer in the gc_inflight_list and may lead to memory ...
CVE-2024-26676
In the Linux kernel, the following vulnerability has been resolved: afunix: Call kfreeskb for dead unixsk-oobskb in GC. syzbot reported a warning 0 in unixgc with a repro, which creates a socketpair and sends one socket's fd to itself using the peer. socketpairAFUNIX, SOCKSTREAM, 0, 3, 4 = 0...
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
A deep dive into an in-the-wild Android exploit Guest Post by Xingyu Jin, Android Security Research This is part one of a two-part guest blog post, where first we'll look at the root cause of the CVE-2021-0920 vulnerability. In the second post, we'll dive into the in-the-wild 0-day exploitation o...
USN-679-1: Linux kernel vulnerabilities
It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10...
CVE-2008-5029
CVE-2008-5029 affects the Linux kernel 2.6.27.4, 2.6.26 and earlier via the __scm_destroy function in net/core/scm.c, which can cause indirect recursive calls when closing sockets after an SCM_RIGHTS message. This local DoS (panic) condition results from the kernelโs handling of UNIX domain socke...