36 matches found
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has a security vulnerability that stems from the use of select to wait for data, without verifying whether the socket descriptor is within the FDSETSIZE limit. This vulnerability may lead to stack corruption and...
CVE-2026-2261
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...
EUVD-2026-10332
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...
CVE-2026-2261
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from a programming error that causes socket descriptors to be leaked. This vulnerability may cause blocklistd to fail and affect system performance...
FreeBSD : FreeBSD -- blocklistd(8) socket leak (8d8012e5-0705-11f1-8148-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8d8012e5-0705-11f1-8148-bc241121aa0a advisory. Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001124)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001124 advisory. In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002732)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002732 advisory. In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor,...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2018-19591)
In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function. This plugin only works with Tenable.ot. Please visit...
EUVD-2018-11280
Malware in sbrugna...
DEBIAN-CVE-2024-46677
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfdlookup fails, gtpencapenablesocket returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error point...
K30002521: GNU C Library vulnerability CVE-2018-19591
Security Advisory Description In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function. CVE-2018-19591 Impact There is no impact; ...
SUSE CVE-2017-3144
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...
CVE-2022-21504
The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket...
Oracle UEK 6 资源管理错误漏洞
Oracle UEK 6 is an Oracle-built Linux kernel from Oracle Corporation and is supported through Oracle Linux Support. A resource management error vulnerability exists in Oracle UEK 6 that stems from code in UEK 6 U3 that lacks proper file descriptor counting. This results in a usage count error tha...
Advisory ROSA-SA-2021-1822
Software: dhcp 4.2.5 OS: Cobalt 7.9 CVE-ID: CVE-2013-2494 CVE-Crit: HIGH CVE-DESC: libdns in ISC DHCP 4.2.x through 4.2.5-P1 allows remote name servers to cause a denial of service memory consumption using vectors that include a regular expression, as demonstrated by a memory scarcity attack on a...
CVE-2017-3144
ISC DHCP vulnerability CVE-2017-3144 arises from failure to properly clean up closed OMAPI connections, which can exhaust the DHCP server’s socket descriptor pool and cause a denial of service. Affected releases include ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, and 4.3.0 to 4.3.6; older vers...
Medium: glibc
Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function.CVE-2018-19591 Affected Packages: glibc Note: This adviso...
DEBIAN-CVE-2018-19591
In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...
CVE-2018-19591
In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...