12 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
The SUNRPC subsystem in the Linux kernel, up to version 5.17.2, can call the xsxprtfree function before ensuring that the sockets are in the intended state...
Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5582-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5582-1 advisory. Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to...
GSD-2022-1001340 SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
SUNRPC: Ensure we flush any closed sockets before xsxprtfree This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
...
The vulnerability in the implementation of the xs_xprt_free() function in the Sun RPC (Open Network Computing Remote Procedure Call) kernel of Linux operating systems allows a attacker to cause a service failure.
The vulnerability of the implementation of the xsxprtfree function in the Sun RPC Open Network Computing Remote Procedure Call kernel of Linux operating systems is related to state management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
AZL-9332 CVE-2022-28893 affecting package kernel for versions less than 5.15.41.1-1
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
DEBIAN-CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
UBUNTU-CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
CVE-2022-28893
CVE-2022-28893 is a Linux kernel SUNRPC issue fixed in later kernels when the xs_xprt_free path runs before sockets reach the intended state, enabling kernel memory corruption via a use-after-free (UAF) condition in the inet_put_port flow. Public documentation confirms the root cause and that exp...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.17.2 and earlier, which stems from the fact that the SUNRPC subsystem can call xsxprtfree before ensuring that a socke...