52 matches found
CVE-2025-21820
CVE-2025-21820 affects the Linux kernel tty/xilinx_uartps driver. A deadlock could occur due to a circular lock dependency between uart_port_lock and console_lock when handling sysrq. The fix splits sysrq handling into two parts: using a prepare step under the port lock and deferring actual handl...
CVE-2025-21820 tty: xilinx_uartps: split sysrq handling
In the Linux kernel, the following vulnerability has been resolved: tty: xilinxuartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...
CVE-2025-21820
In the Linux kernel, the following vulnerability has been resolved: tty: xilinxuartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to properly handle sysrq in the cdnsuartconsolewrite function, which could lead to a deadlock...
PUB-A-325927059
There is a possible Local bypass of user interaction due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-47590
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...
CVE-2021-47590
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...
CVE-2021-47590 mptcp: fix deadlock in __mptcp_push_pending()
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...
SUSE CVE-2016-3707
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...
GSD-2022-1003208 sysrq: do not omit current cpu when showing backtrace of all active CPUs
sysrq: do not omit current cpu when showing backtrace of all active CPUs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...
GSD-2022-1002898 sysrq: do not omit current cpu when showing backtrace of all active CPUs
sysrq: do not omit current cpu when showing backtrace of all active CPUs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2022-1002537 sysrq: do not omit current cpu when showing backtrace of all active CPUs
sysrq: do not omit current cpu when showing backtrace of all active CPUs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
SYS.2.3.A20
Es SOLLTE festgelegt werden, welche SysRq-Funktionen von den Benutzern ausgefuehrt werden duerfen. Generell SOLLTEN keine kritischen SysRq-Funktionen von den Benutzern ausgeloest werden koennen. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced...
Remote Command Execution
kernel-rt is vulnerable to remote command execution. The vulnerability exists as a brute-force attack can be used to retrieve a cookie which can be used to execute SysRq commands via ICMP Echo Request packets...
Nexus 9 vs. Malicious Headphones, Take Two
Nexus 9 vs. Malicious Headphones, Take Two In March 2017 we disclosed CVE-2017-0510, a critical vulnerability in Nexus 9, that allowed for quite unique an attack by malicious headphones. Interestingly, its patch was insufficient. We had responsibly reported that finding CVE-2017-0648 to Google,...
CVE-2016-3707
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...
CVE-2016-3707
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...
CVE-2016-3707
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...
Design/Logic Flaw
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...
UBUNTU-CVE-2016-3707
The icmpchecksysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Ech...