Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 10 : gvisor-tap-vsock (RHSA-2026:17084)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17084 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp,...

EUVD-2020-20986

Malware in sbrugna...

PT-2025-26448 · Redoxos · Redoxos Kernel

Name of the Vulnerable Software and Affected Versions: redoxOS kernel versions before commit 5d41cd7c Description: The issue allows a local attacker to cause a denial of service via the setitimer syscall. Recommendations: For versions before commit 5d41cd7c, update to a version that includes the...

CVE-2020-11221

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,...

CVE-2022-49863 can: af_can: fix NULL pointer dereference in can_rx_register()

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when testing as following: a use syscallNRsocket, 0x10ul, 3ul, 0 to create netlink socket. b use syscallNRsendmsg, ... to create bond li...

Siemens SCALANCE W700 Externally Controlled Reference to a Resource in Another Sphere (CVE-2023-0045)

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next schedul...

CVE-2025-21687 vfio/platform: check the bounds of read/write syscalls

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device...

CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...

GSD-2022-1006267 arm64: Do not forget syscall when starting a new thread.

arm64: Do not forget syscall when starting a new thread. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

GSD-2022-1003773 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...

Information Disclosure

kernel is vulnerable to information disclosure. The vulnerability exists through the syscall implementation on 32-bit systems...

Integer overflow

An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARUSYSFUNCMMAP, leading to escalation of privileges...

MGASA-2018-0187 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...

CVE-2014-7825

kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service out-of-bounds read and OOPS or bypass the ASLR protection mechanism via a crafted application...

Updated kernel-rt packages fix security vulnerability

This kernel update provides an update to 3.12.9 and fixes the following critical security issue: Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or...

RHEL 4 : kernel (RHSA-2007:0937)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0937 advisory. - x8664 syscall vulnerability CVE-2007-4573 Note that Nessus has not tested for this issue but has instead relied only on the application's...

PaX Double-Mirrored VMA munmap Local Root Exploit

Exploit for linux platform in category local exploits ================================================= PaX Double-Mirrored VMA munmap Local Root Exploit ================================================= / PaX double-mirrored VMA munmap local root exploit Copyright C 2005 Christophe Devine This...