EUVD-2015-3242

Malware in sbrugna...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerability (USN-7758-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7758-1 advisory. It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB...

SUSE-SU-2023:0245-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

OPENSUSE-SU-2022:10091-1 Security update for canna

This update for canna fixes the following issues: - CVE-2022-21950: Move UNIX socket dir from /tmp to /run to avoid local attackers being able to place bogus directories in its stead. Use systemd-tmpfiles for cleaning old sockets boo1199280...

CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...

CVE-1999-1402

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket...

FreeBSD 3.1 / Solaris 2.6 - Domain Socket

// source: https://www.securityfocus.com/bid/456/info Solaris 2.6 and many other unices/clones have a serious problem with their unix domain socket implementation that has it's origins in old BSD code. Any unix socket created by any application is set mode 4777. In Solaris versions 2.5 and earlie...