Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s SGI GRU driver. This flaw arises from the way the grufileunlockedioctl function is called by the user, resulting in a failure in the grucheckchipletassignment function. This flaw allows a local user to cause a system crash or potentially...

Siemens Ruggedcom ROX Use After Free (CVE-2022-3424)

A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

EUVD-2009-2579

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414400 advisory. A use-after-free flaw was found in the Linux kernels SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occur...

EUVD-2022-42800

Malicious code in bioql PyPI...

kernel: Use after Free in gru_set_context_option leading to kernel panic

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

SUSE CVE-2022-3424

A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

CLSA-2023-1693426883 kernel: Fix of 20 CVEs

netfilter: nftsetpipapo: fix improper element removal CVE-2023-4004 - net: tun: fix bugs for oversize packet when napi frags enabled CVE-2023-3812 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - net/sched: schqfq: account for stab overhead in qfqenqueue...

Unbreakable Enterprise kernel security update

4.1.12-124.76.2 - firewire: fix potential uaf in outboundphypacketcallback Chengfeng Ye Orabug: 35493606 CVE-2023-3159 - ath9k: fix use-after-free in ath9khifusbrxcb Pavel Skripkin Orabug: 35448003 CVE-2022-1679 - dm ioctl: fix nested locking in tableclear to remove deadlock concern Mike Snitzer...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2023-2152)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack...

[SECURITY] [DLA 3404-1] linux-5.10 security update

Debian LTS Advisory DLA-3404-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings May 3, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.178-3deb10u1 CVE ID : CVE-2022-2196 CVE-2022-3424 CVE-2022-3707 CVE-2022-4129 CVE-2022-4379 CVE-2023-0045...

USN-6030-1 linux-snapdragon vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the System V IPC...

USN-6030-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the System V IPC...

USN-6024-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

USN-6024-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

Ubuntu 16.04 ESM : Linux kernel (GCP) vulnerabilities (USN-6009-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6009-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...

USN-6009-1 linux-gcp vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

USN-6004-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

USN-6004-1 linux-intel-iotg vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

USN-6000-1 linux-bluefield vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...