GSD-2022-1003385 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

GSD-2022-1003104 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

GSD-2022-1002819 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

GHSA-P782-XGP4-8HR8 golang.org/x/sys/unix has Incorrect privilege reporting in syscall

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Reporting in syscall. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. Specific Go Packages Affected golang.org/x/sys/unix...

MGASA-2022-0210 Updated golang packages fix security vulnerability

The syscall.Faccessat function checks whether the calling process can access a file. Faccessat contains a bug where it checks a file’s group permission bits if the process’s user is a member of the process’s group rather than a member of the file’s group. CVE-2022-29526...

GO-2022-0220 DLL injection on Windows in runtime and syscall

Go on Windows misused certain LoadLibrary functionality, leading to DLL injection...

GO-2022-0289 Misdirected I/O in syscall

When a Go program running on a Unix system is out of file descriptors and calls syscall.ForkExec including indirectly by using the os/exec package, syscall.ForkExec can close file descriptor 0 as it fails. If this happens or can be provoked repeatedly, it can result in misdirected I/O such as...

CVE-2022-29526

A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file's group, affecting system availability...

kernel: perf trace: Really free the evsel->priv area

A memory leak flaw was found in the Linux kernel's perf trace tool in the event selector cleanup logic. A local user can trigger this issue by running perf trace commands, causing the tool to free memory based on an incorrect condition check that inverts the intended logic for non-syscall...

CVE-2022-0071

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

Design/Logic Flaw

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

CVE-2022-0071

CVE-2022-0071 documents confirm an incomplete fix for CVE-2021-3101 in Hotdog prior to v1.0.2. The vulnerability arises because Hotdog did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. As a result, a container could exhaust host resources, modif...

CVE-2022-0071 Hotdog Container Escape

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

A flaw was found in the Linux kernels implementation of audit rules where a syscall can unexpectedly not be correctly not be logged by the audit subsystem

...

PT-2025-8005 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A resolved issue in the Linux kernel involves the mremap syscall. When this syscall is called with old size=0 and ends up in move page tables, it unnecessarily calls invalidate range...

CVE-2020-35501

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...

DEBIAN-CVE-2020-35501

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...

CVE-2020-35501

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...

CVE-2020-35501

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...

UBUNTU-CVE-2020-35501

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem...