Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Issues with the LTP test failing when timestamps are delegated have been fixed. The utimes01 and utime06 tests fail when delegated timestamps are enabled, especially in subtests that modify the atime and mtime fields using t...

MiracleLinux 3 : iscsi-initiator-utils-6.2.0.865-0.8.1AXS3 (AXBA:2008-335:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXBA:2008-335:02 advisory. - usr/mgmtipc.c in iscsid in open-iscsi iscsi-initiator-utils before 2.0-865 checks the client's UID on the listening AFLOCAL socket instead of the n...

MiracleLinux 3 : iscsi-initiator-utils-6.2.0.865-0.8.1AXS3 (AXBA:2008-141:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXBA:2008-141:01 advisory. - usr/mgmtipc.c in iscsid in open-iscsi iscsi-initiator-utils before 2.0-865 checks the client's UID on the listening AFLOCAL socket instead of the n...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003871 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

SUSE CVE-2025-68242

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

CVE-2025-68242

CVE-2025-68242 concerns the Linux kernel NFS attribute handling. The description notes that when delegated timestamps are allowed, the kernel’s nfs_setattr does not verify the inode UID against the caller’s fsuid, leading to failures in LTP tests utimes01/utime06 (the tests modify atime/mtime usi...

CVE-2025-68242 NFS: Fix LTP test failures when timestamps are delegated

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

PT-2025-51655

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's NFS implementation related to delegated timestamps. Specifically, the nfs setattr function does not properly verify the inode's User ID UID against th...

Linux Distros Unpatched Vulnerability : CVE-2025-68242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests tha...

EUVD-2012-2717

Malware in sbrugna...

EUVD-2011-0740

Malware in sbrugna...

CVE-2012-10022

Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...

CVE-2018-9487

In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2018-9487

In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2018-9487

In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

SUSE CVE-2019-6133

In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...

CVE-2022-20246

In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Design/Logic Flaw

In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

SUSE-SU-2019:2018-1 Security update for polkit

This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826...

kernel: Missing permission check in move_pages system call

The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...