rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy

...

sysctl: Fix out of bounds access for empty sysctl registers

...

Linux Distros Unpatched Vulnerability : CVE-2019-20054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.0.6, there is a NULL pointer dereference in dropsysctltable in fs/proc/procsysctl.c, related to putlinks, aka CID-23da9588037e...

Linux Distros Unpatched Vulnerability : CVE-2024-27419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl value because the value can be changed concurrently...

Linux Distros Unpatched Vulnerability : CVE-2020-10774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures fil...

Linux Distros Unpatched Vulnerability : CVE-2022-4378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local...

SUSE CVE-2022-49967

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrently via sysctl, WRITEONCE in doprocdoulongvecminmax. The size of bpfjitlimit is long, so we need to add a paired READONCE to avoid...

SUSE CVE-2022-50206

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

DEBIAN-CVE-2022-49967

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrently via sysctl, WRITEONCE in doprocdoulongvecminmax. The size of bpfjitlimit is long, so we need to add a paired READONCE to avoid...

UBUNTU-CVE-2022-50206

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

CVE-2022-50206 arm64: fix oops in concurrently setting insn_emulation sysctls

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

CVE-2022-50206

The CVE-2022-50206 issue affects the Linux kernel (ARM64) where emulation_proc_handler() concurrently updates table->data for proc_dointvec_minmax, allowing a NULL pointer dereference Oops. The fix is to keep table->data as &insn->current_mode and to retrieve the insn pointer with contai...

CVE-2022-49967 bpf: Fix a data-race around bpf_jit_limit.

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrently via sysctl, WRITEONCE in doprocdoulongvecminmax. The size of bpfjitlimit is long, so we need to add a paired READONCE to avoid...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a concurrent sysctl operation that could result in a null pointer dereference...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1618)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ipv4: Fix a data-race around sysctlfibsyncmem.CVE-2022-49637 ima: Fix potential memory leak in imainitcrypto.CVE-2022-49627 MIPS: pgalloc: fix...

Unbreakable Enterprise kernel security update

5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1422)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : filemap: avoid truncating 64-bit offset to 32 bitsCVE-2025-21665 iomap: avoid avoid truncating 64-bit offset to 32 bitsCVE-2025-21667 fs/proc: fix...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21637)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21637 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udpport: avoid using...

PT-2025-18840 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version with the adjusted bpf jit limit Description: A vulnerability in the Linux kernel has been resolved, related to the default bpf jit limit being insufficient. This issue was observed in AWS EKS...

sctp: sysctl: udp_port: avoid using current->nsproxy

...