EUVD-2024-53248

Malicious code in bioql PyPI...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56603)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56603 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk...

SUSE CVE-2024-56603

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

CVE-2024-56602

A user-after-free vulnerability was found in the linux kernel. sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the dangling pointer remains in the provided sock object, leading to a crash and loss of...

AZL-55539 CVE-2024-56601 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

CVE-2024-56601

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

Linux Kernel 4.10.5 4.14.3 (Ubuntu) - DCCP Socket Use-After-Free

Linux Kernel 4.10.5 4.14.3 Ubuntu - DCCP Socket Use-After-Free / This is an announcement for CVE-2017-8824 which is a use-after-free vulnerability I found in Linux DCCP socket. It can be used to gain kernel code execution from unprivileged processes. You’ll find in attachment the proof of concept...

Linux Kernel (Ubuntu 17.04) - XFRM Local Privilege Escalation

Linux Kernel Ubuntu 17.04 - XFRM Local Privilege Escalation Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer...

Linux Kernel (Ubuntu 17.04) - 'XFRM' Local Privilege Escalation

Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer information between the kernel and user-space processes. It...