40 matches found
SUSE CVE-2026-53236
In the Linux kernel, the following vulnerability has been resolved: tcp: restrict SOATTACHFILTER to priv users This patch restricts the use of SOATTACHFILTER cBPF on TCP sockets to users with CAPNETADMIN capability. This blocks potential side-channel attack where an unprivileged application...
SUSE CVE-2026-45841
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO nfosfmatchone computes ctx-window % f-wss.val in the OSFWSSMODULO branch with no guard for f-wss.val == 0. A CAPNETADMIN user can add such a fingerprint via nfnetlink; a...
CVE-2026-45932 bpf: Fix tcx/netkit detach permissions when prog fd isn't given
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPFPROGDETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission...
CVE-2026-4056 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation
The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the checkpermissions method only checking for editposts...
CVE-2026-4056
The CVE-2026-4056 entry concerns the WordPress plugin “User Registration & Membership.” The vulnerability arises from a missing capability check in the Content Access Rules REST API endpoints, where the code path only validates the edit_posts permission instead of an administrator-level capabilit...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002318)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002318 advisory. Multiple buffer overflows in drivers/staging/wlags49h2/wlpriv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002055)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002055 advisory. The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that change the root...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001845)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001845 advisory. Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001773)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001773 advisory. A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling...
RLSA-2025:23279 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process CVE-2025-39984 For more details about the...
Unbreakable Enterprise kernel security update
5.4.17-2136.348.3 - hugetlbfs: take readlock on immap for PMD sharing Waiman Long Orabug: 38459576 - kallsyms: add modulekallsymsoneachsymbollocked Julian Pidancet Orabug: 37629344 Orabug: 38418686 - kallsyms: export modulekallsymsoneachsymbol Julian Pidancet Orabug: 37629344 Orabug: 38418686...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414609 advisory. An out-of-bounds OOB memory write flaw was found in listdevices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound...
CVE-2023-53570 wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...
EUVD-2022-48307
Malicious code in bioql PyPI...
AZL-66174 CVE-2025-38499 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...
CVE-2025-38499
CVE-2025-38499 affects the Linux kernel. The issue arises in clone_private_mnt() where CAP_SYS_ADMIN is checked in the wrong user namespace, potentially allowing a local attacker with low privileges to influence mount handling and affect availability. The referenced advisories show this CVE is tr...
UBUNTU-CVE-2025-38466
In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAPSYSADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but d...
CVE-2024-9132
The administrator is able to configure an insecure captive portal script...
PT-2025-32554
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The clone private mnt function did not properly verify that the caller has CAP SYS ADMIN privileges within the correct user namespace. This could potentially allow exposure of hidden...
kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach NGSM0710 ldisc, but it requires CAPNETADMIN to create a GSM network anyway. Require initial namespace CAPNETADMIN to do that...