7 matches found
CVE-2026-31431
CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...
CVE-2025-32463
CVE-2025-32463 affects the sudo utility prior to 1.9.17p1. The vulnerability arises when /etc/nsswitch.conf is sourced from a user-controlled directory via the --chroot option, enabling local users to obtain root access. Connected sources also describe related behavior where a sudoers entry that ...
CVE-2010-3865
CVE-2010-3865 is a Linux kernel issue described in connected advisories as an integer overflow in the rds_rdma_pages function (net/rds/rdma.c). The vulnerability can allow local users to crash the kernel and potentially execute arbitrary code through a crafted iovec in an RDS request, triggered b...
CVE-2009-2692
CVE-2009-2692 stems from uninitialized proto_ops in the Linux kernel (SOCKOPS_WRAP), allowing local users to trigger a NULL pointer dereference via mmap of page zero and gain privileges by invoking an unavailable operation (e.g., sock_sendpage on PF_PPPOX). Public details reference local privileg...
CVE-2022-27239
CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...
CVE-2010-2959
The CVE-2010-2959 issue affects the Linux kernel CAN subsystem, specifically the can/bcm.c implementation, due to an integer overflow vulnerability. This flaw can allow local attackers to execute arbitrary code or cause a system crash (DoS) via crafted CAN traffic. Public advisories confirm vulne...
CVE-2010-2803
CVE-2010-2803 affects the Linux kernel DRM subsystem. The drm_ioctl path in drivers/gpu/drm/drm_drv.c allows a local user to request a large memory allocation and may leak kernel memory contents. Affected trees/versions include 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2...