7 matches found
GHSA-3PQC-836W-JGR7 Outray cli is vulnerable to race conditions in tunnels creation
Summary A TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. Details Affected conponent: apps/web/src/routes/api/tunnel/register.ts - /tunnel/register endpoint code-: ts // Check if tunnel already exists in database const...
CVE-2023-53809
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...
UBUNTU-CVE-2023-53809
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...
Vulnerabilities in the l2tp_xmit_core(), l2tp_tunnel_create(), and l2tp_tunnel_register() functions of the Linux operating system’s kernel, allowing attackers to cause service interruptions.
The vulnerabilities of the l2tpxmitcore, l2tptunnelcreate, and l2tptunnelregister functions in the Linux kernel are related to improper resource locking. Exploiting these vulnerabilities can allow an attacker to cause service failures...
UBUNTU-CVE-2023-53020
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in l2tp tunnel registration...
kernel: l2tp: close all race conditions in l2tp_tunnel_register()
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...