Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not freeing socketdata, which could lead to a memory leak...

EUVD-2019-0799

Malware in sbrugna...

EUVD-2011-1747

Malware in sbrugna...

CVE-2022-50265 kcm: annotate data-races around kcm->rx_wait

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxwait kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcmrcvstrparser / kcmrfree write to 0xffff88810784e3d0...

CVE-2024-50956

A buffer overflow in the RecvSocketData function of Inovance HCPLCAM401-CPU1608TPTN 21.38.0.0, HCPLCAM402-CPU1608TPTN 41.38.0.0, and HCPLCAM403-CPU1608TN 81.38.0.0 allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted Modbus message...

AZL-61905 CVE-2025-40907 affecting package perl-FCGI 0.79-4

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

OESA-2025-1247 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error,...

AZL-55187 CVE-2024-56606 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

AZL-55242 CVE-2024-56606 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

CLSA-2024-1733142550 Fix of 13 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64tomsecs - PM / devfreq: Modify the indentation of transstat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in transstatshow Bionic update: upstream...

PT-2024-34471 · Inovance · Inovance Hcplc Am402-Cpu1608Tptn +2

Name of the Vulnerable Software and Affected Versions: Inovance HCPLC AM401-CPU1608TPTN version 21.38.0.0 Inovance HCPLC AM402-CPU1608TPTN version 41.38.0.0 Inovance HCPLC AM403-CPU1608TN version 81.38.0.0 Description: A buffer overflow in the RecvSocketData function allows attackers to cause a...

INOVANCE多款产品 安全漏洞

INOVANCE AM403 is a motion controller from China's Huichuan Technology INOVANCE. A security vulnerability exists in several INOVANCE products, which originates from a buffer overflow in the RecvSocketData function, allowing an attacker to cause a denial of service or execute arbitrary code via a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of available data on a socket...

kernel: Linux kernel: Denial of Service due to GIC state corruption on NVIDIA T241 platforms

A flaw was found in the Linux kernel. On NVIDIA server platforms utilizing multiple interconnected T241 chips, a local user could trigger a vulnerability in the Generic Interrupt Controller GIC due to incorrect handling of inter-socket data packets. This can corrupt the GIC's internal state,...

GHSA-VPJR-H6FH-MW4P Duplicate Advisory: EVE Freely Allocates Buffer on The Stack With Data From Socket

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-phcg-h58r-gmcq. This link is maintained to preserve external references. Original Description As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing...

EVE OS Security Vulnerability

EVE OS is a general-purpose, open Linux-based operating system for distributed edge computing open-sourced by IF Edge. EVE OS suffers from a security vulnerability that stems from allowing an attacker to use data from a socket to freely allocate buffers on the stack, which could cause a system...

PT-2025-53192

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nonstatic release resource db function within the PCMCIA subsystem. When this function frees resources associated with a PCMCIA socket, it...

SUSE CVE-2011-1598

The bcmrelease function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted release operation...

SUSE CVE-2011-1748

The rawrelease function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted release operation...

SUSE CVE-2017-7277

The TCP stack in the Linux kernel through 4.10.6 mishandles the SCMTIMESTAMPINGOPTSTATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service out-of-bounds read via crafted system calls, related to...