FreeBSD : FreeBSD -- sigqueue(2) missing capability mode restriction (94f20492-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 94f20492-6473-11f1-958d-bc241121aa0a advisory. sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the...

FreeBSD Security Advisory - FreeBSD-SA-26:28.capsicum

FreeBSD Security Advisory - sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID...

FreeBSD -- sigqueue(2) missing capability mode restriction

Problem Description: sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. Impact: A process in capability mode ca...

FreeBSD-SA-26:28.capsicum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:28.capsicum Security Advisory The FreeBSD Project Topic: sigqueue2 missing capability mode restriction Category: core Module: capsicum Announced: 2026-06-09...

ASB-A-425282960

In runposixcputimers of posix-cpu-timers.c, there is a possible way to trigger a use-after-free on a sigqueue object due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

kernel: signal: restore the override_rlimit logic

In the Linux kernel, the following vulnerability has been resolved: signal: restore the overriderlimit logic Prior to commit d64696905554 "Reimplement RLIMITSIGPENDING on top of ucounts" UCOUNTRLIMITSIGPENDING rlimit was not enforced for a class of signals. However now it's enforced...

AZL-53495 CVE-2024-50271 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: signal: restore the overriderlimit logic Prior to commit d64696905554 "Reimplement RLIMITSIGPENDING on top of ucounts" UCOUNTRLIMITSIGPENDING rlimit was not enforced for a class of signals. However now it's enforced...

UBUNTU-CVE-2024-50271

In the Linux kernel, the following vulnerability has been resolved: signal: restore the overriderlimit logic Prior to commit d64696905554 "Reimplement RLIMITSIGPENDING on top of ucounts" UCOUNTRLIMITSIGPENDING rlimit was not enforced for a class of signals. However now it's enforced...

PT-2024-34099

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a behavior change in the Linux kernel related to signal handling, specifically with the override rlimit logic. Prior to a certain commit, the UCOUNT RLIMIT SIGPENDIN...

Linux Kernel 2.4/2.6 Sigqueue Blocking Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10096/info A vulnerability has been reported in the Linux Kernel that may permit a malicious local user to affect a system-wide denial of service condition. This issue may be triggered via the Kernel signal queue struct...

Possible DoS on Linux kernel 2.4 and 2.6 using sigqueue overflow.

Hello. We faced a bug ? in Linux kernel causing different misbehaviours on our server. After exploration, it seems that we found some security implications of this issue. When a process exits, it's parent is notified by SIGCHLD, and finished child is kept in process table in "zombie" state until...