1069 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpfastopenblackholetimeout. When reading sysctltcpfastopenblackholetimeout, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpthinlineartimeouts. While reading sysctltcpthinlineartimeouts, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel before version 6.1.13, there is a double-free in the net/mpls/afmpls.c file when an allocation failure occurs due to registering the sysctl table under a new location during the renaming of a device...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ICMP: Fixed data races related to sysctlicmpechoenableprobe. When reading sysctlicmpechoenableprobe, it is possible for the value to be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipv4: The issue related to data races around sysctlfibmultipathhashfields has been fixed. When reading sysctlfibmultipathhashfields, it is possible for the data to be changed concurrently. Therefore, we need to add READONCE to it...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around the sysctltcpprobethreshold function. When reading sysctltcpprobethreshold, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around the sysctltcpprobeinterval function. When reading sysctltcpprobeinterval, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: sysctl: Always initialize iuid/igid. iuid/igid is always initialized within the sysfs core, so setownership can safely skip setting them. Commit 5ec27ec735ba “fs/proc/procsysctl.c: fix the default values of iuid/igid on...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpmtuprobefloor. While reading sysctltcpmtuprobefloor, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sysctl: Data races have been fixed in procdou8vecminmax. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers require some basic protection to avoid load/store...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed data races related to sysctltcpmaxreordering. When reading sysctltcpmaxreordering, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed a data race related to sysctlipautobindreuse. When reading sysctlipautobindreuse, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: raw: Fixed a data race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvec have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid load/store...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvecminmax have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid data...
Astra Linux - уязвимость в linux-5.10, linux-5.15
A stack overflow flaw was discovered in the Linux kernel’s SYSCTL subsystem regarding how a user modifies certain kernel parameters and variables. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmigratereq. While reading sysctltcpmigratereq, it can be changed concurrently. Thus, we need to add READONCE to its readers...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerabilities have been resolved: IGMP: Fixed data races related to sysctligmpllmreports. When reading sysctligmpllmreports, it can be changed concurrently. Therefore, we need to add READONCE to its readers. This test can be incorporated into a helper function...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from th...