CVE-2023-6859

CVE-2023-6859 is a memory-safety vulnerability described as a use-after-free affecting TLS socket creation under memory pressure. Affected products include Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox

kernel: Linux kernel: Denial of Service in RDMA/rxe due to null-pointer dereference

A flaw was found in the Linux kernel. A local user could trigger a null-pointer dereference within the Remote Direct Memory Access RDMA subsystem's rxe component. This occurs when a socket creation fails, leading to a system crash and a Denial of Service DoS...

SUSE-SU-2023:4376-1 Security update for redis

This update for redis fixes the following issues: - CVE-2023-45145: Fixed a potential permission bypass due to a race condition during UNIX socket creation bsc1216376...

SUSE CVE-2016-5104

The socketcreate function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket...

SUSE CVE-2019-17056

llcpsockcreate in net/nfc/llcpsock.c in the AFNFC network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176...

Race condition

A vulnerability in the IP Service Level Agreements IP SLA responder and Two-Way Active Measurement Protocol TWAMP features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in ...

The vulnerability in the net/nfc/rawsock.c function of the Linux operating system allows a attacker to compromise the integrity of protected information.

The vulnerability in the net/nfc/rawsock.c function of the Linux operating system is related to the lack of checking for CAPNETRAW when creating a NFC socket. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2904-1)

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security...

SUSE-SU-2020:2904-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security...

CVE-2020-26088

A missing CAPNETRAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a...

CVE-2020-26088

A missing CAPNETRAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a...

CVE-2020-26088

CVE-2020-26088 affects the Linux kernel up to version 5.8.2, where a missing CAP_NET_RAW check in NFC socket creation (net/nfc/rawsock.c) could let a local attacker create raw sockets and bypass security mechanisms. This is demonstrated in multiple Nessus advisories (Unity Linux/OpenSUSE/EulerOS ...

The vulnerability of the `ieee802154_create` function in the `net/ieee802154/socket.c` module of the AF_IEEE802154 kernel of the Linux operating system, related to default access rights settings, allows an attacker to compromise data integrity.

The vulnerability of the ieee802154create function in the net/ieee802154/socket.c module of the AFIEEE802154 module in the Linux kernel is related to a lack of mechanisms for standard permissions. Exploiting this vulnerability could allow unauthorized access to data integrity...

Linux/x86 - Bind Shell Generator Shellcode (114 bytes)

Title: Linux/x86 - Bind Shell Generator Shellcode 114 bytes Author: Bobby Cooke Tested On: Ubuntu 3.13.0-32-generic 57precise1-Ubuntu i386 !/usr/bin/python Take users TCP port as input port = rawinput"Enter TCP Port Number: " Convert input string to an integer deciPort = intport Format the intege...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1505)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2019:14218-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11-SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks...

OPENSUSE-SU-2019:2444-1 Security update for the Linux Kernel

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-16995: A memory leak exits in hsrdevfinalize in net/hsr/hsrdevice.c. if hsraddport fails to add a port, which may cause denial of service, aka CID-6caabe7f197d...

CVE-2019-17056

llcpsockcreate in net/nfc/llcpsock.c in the AFNFC network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176...

CVE-2019-17053

CVE-2019-17053 affects the Linux kernel's ieee802154_create in net/ieee802154/socket.c (AF_IEEE802154) up to version 5.3.2, where CAP_NET_RAW is not enforced. This allows unprivileged users to create a raw socket (local, low complexity). The connected documents reiterate the same description but ...

CentOS 7 : ruby (CESA-2019:2028)

An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...