ROOT-OS-DEBIAN-12-CVE-2025-40271 CVE-2025-40271 in rootio-linux - Patched by Root

Root has patched CVE-2025-40271 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-40271 CVE-2025-40271 in rootio-linux - Patched by Root

Root has patched CVE-2025-40271 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVE-2026-40271

creationtimestamp| type| source ---|---|--- 2026-04-09 07:00:14+00:00| published-proof-of-concept| Telegram/V9T5HdKaErtTwyv1R14Z1Kq9GZJl6b2U5JUtaXbc9xcAYo...

Exploit for CVE-2026-40271

Lazarus Group: 19-Day A/B Test Campaign Analysis TLP:CLEA...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

RHEL 9 : kernel (RHSA-2026:3293)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3293 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: RDMA/core: Fix KASAN:...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-118 (ALASKERNEL-5.4-2026-118)

The version of kernel installed on the remote host is prior to 5.4.302-222.451. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2026-118 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in...

MiracleLinux 9 : kernel-5.14.0-611.30.1.el9_7 (AXSA:2026-192:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-192:12 advisory. kernel: net: openvswitch: fix nested key length validation in the set action CVE-2025-37789 kernel: Linux kernel: irqchip/gic-v2m use-after-free...

RHEL 10 : kernel (RHSA-2026:2761)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2761 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: Fix use-after-fr...

RHEL 8 : kernel-rt (RHSA-2026:1661)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1661 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

RHEL 8 : kernel (RHSA-2026:1662)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1662 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: IB/hfi1: Fix sdma.h tx-numdesc...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50005)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50005 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38787139 CVE-2025-40271 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-28068)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28068 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38786776 CVE-2025-40271 - NFSD: Define a proclayoutcommit for the FlexFiles layout type Chuck Lever...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28067)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28067 advisory. - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38786195 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang...

Linux Distros Unpatched Vulnerability : CVE-2025-40271

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should us...

EUVD-2025-40271

Malicious code in candra-lapis74-ruro npm...

MAL-2025-40271 Malicious code in yankee-pgx-project (npm)

The package yankee-pgx-project was found to contain malicious code...

CVE-2023-40271

creationtimestamp| type| source ---|---|--- 2023-09-08 07:19:16+00:00| seen| https://t.me/cibsecurity/70124...

CVE-2023-40271

In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...

CVE-2023-40271

Summary: CVE-2023-40271 describes a vulnerability in Trusted Firmware-M (TF-M) up to v1.8.0 where, on platforms using the CryptoCell PSA Driver with ChaCha20-Poly1305, the authentication tag verification performed by a single-part path compares only the first 4 bytes of the 16-byte tag. This inco...