kernel: use after free in unix_stream_sendpage

A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...

kernel: use after free in unix_stream_sendpage

A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...

kernel: use after free in unix_stream_sendpage

A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...

PT-2025-40176

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5 Description The Linux kernel contains a flaw in the unix stream sendpage function related to a null pointer dereference. This issue occurs when handling sockets in a specific loop scenario involving garbage...

PT-2023-1009 · Linux +10 · Linux Kernel +10

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability in the Linux kernel's af unix component can be exploited to achieve local privilege escalation. The unix stream sendpage function tries to add data to th...

PT-2022-7704 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's handling of mixed splice/sendmsgMSG ZEROCOPY cases over the same TCP socket, which could trigger a warning in inet sock destruct. The problem...

Linux Kernel - Sendpage Local Privilege Escalation

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

Linux Kernel 2.4.4 < 2.4.37.4 / 2.6.0 < 2.6.30.4 - 'Sendpage' Local Privilege Escalation (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

Debian DSA-1865-1 : linux-2.6 - denial of service/privilege escalation

Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1385 Neil Horman discovered a missing fix from the e1000 network driver. A...

Debian DSA-1862-1 : linux-2.6 - privilege escalation

A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem : - CVE-2009-2692 Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialized in t...

Debian Security Advisory DSA 1864-1 (linux-2.6.24)

The remote host is missing an update to linux-2.6.24 announced via advisory DSA 1864-1. OpenVAS Vulnerability Test $Id: deb18641.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1864-1 linux-2.6.24 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

kernel: uninit op in SOCKOPS_WRAP() leads to privesc

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...

DSA-1865-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...