3 matches found
CVE-2024-6387
CVE-2024-6387 is a remote code-execution vulnerability in OpenSSH’s server (sshd) caused by a race condition in a signal handler that may run after a client fails to authenticate within LoginGraceTime. The issue is exploitable by an unauthenticated, remote attacker on glibc-based Linux systems, p...
CVE-2026-31431
CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...
CVE-2022-27239
CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...