Lucene search

14 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000881)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000881 advisory. net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information...

CVSS 4.6 | AI score 6.8 | EPSS 0.00056
Exploits: 0 | References: 16

Tenable Nessus
added 2026/01/14 12:0 a.m., 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001747)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001747 advisory. A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user t...

CVSS 7.8 | AI score 6.5 | EPSS 0.00033
Exploits: 0 | References: 3

NVD
added 2025/01/19 11:15 a.m., 11 views

CVE-2025-21639

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVSS 5.5 | EPSS 0.00029
Exploits: 0 | References: 10

OSV
added 2025/01/19 11:15 a.m., 0 views

UBUNTU-CVE-2025-21641

In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: blackhole timeout: avoid using current->nsproxy. As mentioned in the previous commit, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVSS 5.5 | AI score 6.5 | EPSS 0.00033
Exploits: 0 | References: 5

NVD
added 2024/08/17 9:15 a.m., 17 views

CVE-2024-42312

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid. Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip setting them. Commit 5ec27ec735ba "fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys...

CVSS 5.5 | EPSS 0.00028
Exploits: 0 | References: 9

OSV
added 2023/02/09 10:31 p.m., 0 views

USN-5860-1 linux-gke vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake...

CVSS 8.8 | AI score 7.4 | EPSS 0.01126
Exploits: 3 | References: 15

OSV
added 2023/01/11 1:23 a.m., 0 views

USN-5799-1 linux-oem-5.17, linux-oem-6.0 vulnerability

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code...

CVSS 7.8 | AI score 7.4 | EPSS 0.00033
Exploits: 0 | References: 2

RedHat Linux
added 2022/03/10 2:59 p.m., 1 view

cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied to the host

An incorrect sysctls validation vulnerability was found in CRI-O. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker can create a pod with a hostIPC and hostNetwork kernel namespace...

CVSS 4.9 | AI score 6 | EPSS 0.00185
Exploits: 0 | References: 6

Debian CVE
added 2018/02/13 8:0 p.m., 38 views

CVE-2018-6954

systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. Th...

CVSS 7.8 | AI score 5.9 | EPSS 0.00145
Exploits: 1

OSV
added 2015/04/21 10:59 a.m., 4 views

CVE-2015-2042

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

AI score 6
Exploits: 0 | References: 13

OSV
added 2015/04/21 10:59 a.m., 4 views

CVE-2015-2041

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

AI score 5.9
Exploits: 0 | References: 16

RedHat Linux
added 2012/04/17 6:54 p.m., 1 view

kernel: sysctl: restrict write access to dmesg_restrict

The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...

CVSS 4 | AI score 5.9 | EPSS 0.00074
Exploits: 0 | References: 4

securityvulns
added 2003/11/20 12:0 a.m., 28 views

OpenBSD sysctl DoS

No description provided...

AI score 1
Exploits: 0 | References: 1 | Affected Software: 1

CERT
added 2001/07/18 12:0 a.m., 32 views

Linux kernel does not properly validate user input via sysctl for negative value

Overview: Unprivileged local users can exploit the sysctl Linux kernel program to gain privileged access. Description: A program called sysctl in the Linux kernel allows a privileged local user to read or write runtime system settings. Unprivileged local users are also allowed to use sysctl to read...

CVSS 4.6 | AI score 5.5 | EPSS 0.00274
Exploits: 0 | References: 15