Astra Linux - уязвимость в linux, linux-5.10

In socksocknested of sock.c, there is a potential exploit after the free function due to a race condition. This could lead to a local escalation of privileges, as the execution privileges required by the system are involved. User interaction is not required for this exploitation. Product: Android...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414472 advisory. In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution...

K16011: Linux kernel vulnerability CVE-2012-6657

Security Advisory Description The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service system crash by leveraging the ability to create a raw...

UBUNTU-CVE-2022-20154

In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-4203

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information...

CVE-2021-4203

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information...

CVE-2021-4203

CVE-2021-4203 is a Linux kernel use-after-free read flaw in sock_getsockopt() triggered by a race between SO_PEERCRED/SO_PEERGROUPS and listen()/connect(). An authenticated local attacker could crash the system or leak kernel information. The connected IBM advisories document affected products (I...

Linux kernel denial of service vulnerability (CNVD-2022-69201)

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable to a denial-of-service vulnerability caused by a "use before read" flaw in the sockgetsockopt function in net/core/sock.c. " flaw in the sockgetsockopt function in...

CVE-2021-4203

A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. Mitigation Mitigation for this...

CVE-2019-11884

The CVE-2019-11884 entry affects the Linux kernel's HIDP path. It concerns the do_hidp_sock_ioctl in net/bluetooth/hidp/sock.c, where a HIDPCONNADD command can leak data from kernel stack memory due to a name field not properly ending with a NUL terminator. The vulnerability allows local attacker...

Information Disclosure

kernel-rt is vulnerable to information disclosure. The vulnerability exists as the rfcommsockrecvmsg function in net/bluetooth/rfcomm/sock.c does not initialize a certain length variable...

DEBIAN-CVE-2018-9568

In skclonelock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

UBUNTU-CVE-2018-9568

In skclonelock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

PT-2018-2703 · Google +5 · Android Kernel +5

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible memory corruption due to type confusion in the sk clone lock function of sock.c. This could lead to local escalation of privilege with no additional execution privileges needed...

CVE-2012-6704

CVE-2012-6704 affects the Linux kernel prior to 3.5. The sock_setsockopt path in net/core/sock.c mishandles negative values for sk_sndbuf/sk_rcvbuf, enabling a local attacker with CAP_NET_ADMIN to trigger memory corruption and a possible denial of service (memory corruption/system crash). Affecte...

kernel: unlimited socket backlog DoS

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service memory consumption by sending a large amount of network traffic, as demonstrated by netperf UDP tests...

Linux Kernel sock.c SO_BSDCOMPAT选项信息泄露漏洞

BUGTRAQ ID: 33846 CVECAN ID: CVE-2009-0676 Linux Kernel是开放源码操作系统Linux所使用的内核。 在Linux Kernel的net/core/sock.c文件的sockgetsockopt函数中，如果设置了SOBSDCOMPA选项的话optval v.val就会被错误的初始化并直接返回给用户域，导致信息泄露。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure

/ source: https://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible operation. Successful exploits will allow attackers to view portions of...