9 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011194)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011194 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirectio...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006964)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006964 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirectio...
CVE-2026-31408 Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in scorecvframe due to missing sockhold scorecvframe reads conn-sk under scoconnlock but immediately releases the lock without holding a reference to the socket. A concurrent close can free the...
CVE-2022-50536
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...
CVE-2022-50536 bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...
The vulnerability of the sock_put() function in the net/ipv4/tcp_bpf.c module of the Linux operating system allows a hacker to increase their privileges.
The vulnerability of the sockput function in the net/ipv4/tcpbpf.c module of the Linux kernel relates to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2022-49014 net: tun: Fix use-after-free in tun_detach()
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach syzbot reported use-after-free in tundetach 1. This causes call trace like below: ================================================================== BUG: KASAN: use-after-free in...
CVE-2024-36904
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free splat in tcptwskunique with nice analysis. Since commit ec94c2696f0b "tcp/dccp: avoid one atomic operation for timewait hashdance",...
Linux Kernel 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
Linux Kernel 4.11.8 - mqnotify: double sockput Local Privilege Escalation / CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target...