22 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fixed the “use-after-free” issue related to ETR buffer usage When ETR is enabled as CSMODESYSFS, if the buffer size is changed and the feature is re-enabled, currently, sysfsbuf will point to the newly allocated...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002430)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002430 advisory. kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows loc...
CVE-2025-39914
CVE-2025-39914 affects the Linux kernel tracing subsystem. The issue occurs when a fault injection triggers a failure during chunk allocation in trace_pid_list_alloc, causing trace_pid_list_set to fail and potentially trigger a double registration of the same tracepoint (tracepoint_add_func). The...
DEBIAN-CVE-2025-37923
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in traceseqtobuffer kernel/trace/trace.c:1830 inline BUG: KASA...
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3422-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3422-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...
USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...
USN-3422-1: Linux kernel vulnerabilities
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...
USN-3343-1 linux vulnerabilities
USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux...
USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...
USN-3313-2 linux-hwe vulnerability
USN-3313-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A...
USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did no...
USN-3312-2 linux-lts-xenial vulnerabilities
USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did no...
USN-3312-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAPNETADMIN capability could use this to expose sensitive information or cause a denial of service. CVE-2016-7917 Qian Zhang discovered a heap-based...
USN-3312-1: Linux kernel vulnerabilities
It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAPNETADMIN capability could use this to expose sensitive information or cause a denial of service. CVE-2016-7917 Qian Zhang discovered a heap-based...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3312-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3312-1 advisory. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the...
USN-3313-1: Linux kernel vulnerability
It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code...
CVE-2017-0630
An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
Information disclosure
An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
CVE-2017-0630
An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...