CVE-2026-46207

A flaw was found in the Linux kernel's vsock/virtio component. When processing non-linear data buffers for the vsockmon tap device, the system did not correctly initialize the payload. This oversight could lead to uninitialized data being copied to the monitoring interface, potentially resulting ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000984)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000984 advisory. The sockallocsendpskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cau...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002257 advisory. The sockallocsendpskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cau...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001779 advisory. The sockallocsendpskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cau...

EUVD-2012-2136

Malware in sbrugna...

EUVD-2022-52042

Malicious code in bioql PyPI...

EUVD-2023-44445

Malicious code in bioql PyPI...

Fuzzing µC/OS protocol stacks, Part 3: TCP/IP server fuzzing, implementing a TAP driver

This is the final post in the three-part series that details techniques I used to fuzz two µC/OS protocol stacks: µC/TCP-IP and µC/HTTP-server. The first post highlighted code modifications necessary for developing a fuzzing harness tailored for the µC/HTTP-server. The second discussed a techniqu...

SUSE CVE-2022-4744

A double-free flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

SUSE CVE-2023-3812

An out-of-bounds memory access flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

RHEL 8 : kpatch-patch (RHSA-2023:6799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6799 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

SUSE-SU-2023:3838-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter...

Oracle Linux 5 : ELSA-2012-0690-1: / kernel (ELSA-2012-06901)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-06901 advisory. - The sockallocsendpskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local user...

OESA-2023-1470 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3180-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3180-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3172-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3172-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

CVE-2023-3812

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Rocky Linux 9 : kernel (RLSA-2023:1470)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1470 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress usi...

Linux kernel double release vulnerability (CNVD-2023-34466)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a double-release vulnerability that stems from a double-release flaw in the TUN/TAP device driver, which can be exploited by an attacker to crash a...

CVE-2022-4744

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...