Количество 48
Количество 48
CVE-2023-4622
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
CVE-2023-4622
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
CVE-2023-4622
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
CVE-2023-4622
CVE-2023-4622
A use-after-free vulnerability in the Linux kernel's af_unix component ...
SUSE-SU-2023:4847-1
Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
SUSE-SU-2023:4831-1
Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP1)
SUSE-SU-2023:4799-1
Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP5)
SUSE-SU-2023:4795-1
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP1)
GHSA-hxpr-87wq-jwf8
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
BDU:2023-05389
Уязвимость функции unix_stream_sendpage() в модуле net/unix/af_unix.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации или повысить свои привилегии
SUSE-SU-2023:4866-1
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2)
SUSE-SU-2023:4833-1
Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP2)
SUSE-SU-2023:4802-1
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP2)
SUSE-SU-2023:4796-1
Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)
SUSE-SU-2023:4871-1
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)
SUSE-SU-2023:4862-1
Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3)
SUSE-SU-2023:4836-1
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP3)
SUSE-SU-2023:4820-1
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP3)
SUSE-SU-2023:4817-1
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP3)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-4622 A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
 | CVE-2023-4622 A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | CVSS3: 6.6 | 0% Низкий | почти 2 года назад |
 | CVE-2023-4622 A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
 | CVSS3: 7 | 0% Низкий | почти 2 года назад | |
| CVE-2023-4622 A use-after-free vulnerability in the Linux kernel's af_unix component ... | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
 | SUSE-SU-2023:4847-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5) | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2023:4831-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP1) | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2023:4799-1 Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP5) | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2023:4795-1 Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP1) | 0% Низкий | больше 1 года назад | |
| GHSA-hxpr-87wq-jwf8 A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
 | BDU:2023-05389 Уязвимость функции unix_stream_sendpage() в модуле net/unix/af_unix.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации или повысить свои привилегии | CVSS3: 7 | 0% Низкий | около 2 лет назад |
| SUSE-SU-2023:4866-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2) | больше 1 года назад | ||
| SUSE-SU-2023:4833-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP2) | больше 1 года назад | ||
| SUSE-SU-2023:4802-1 Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP2) | больше 1 года назад | ||
| SUSE-SU-2023:4796-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) | больше 1 года назад | ||
| SUSE-SU-2023:4871-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3) | больше 1 года назад | ||
| SUSE-SU-2023:4862-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3) | больше 1 года назад | ||
| SUSE-SU-2023:4836-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP3) | больше 1 года назад | ||
| SUSE-SU-2023:4820-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP3) | больше 1 года назад | ||
| SUSE-SU-2023:4817-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP3) | больше 1 года назад |
Уязвимостей на страницу