Fedora 44 : haveged (2026-12643837bd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-12643837bd advisory. Backport fix for CVE-2026-41054: privilege escalation via command socket Tenable has extracted the preceding description block directly from the Fedora...

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

UBUNTU-CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

PT-2026-43866

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in z erofs lz4 handle overlap Some crafted images can have illegal !partial decoding && m llen out access reads past the decompressed pages array. However, such crafted cases can correctly result in ...

Oracle Linux 7 : gdk-pixbuf2 (ELSA-2026-12114)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12114 advisory. - Backport fixes for CVE-2026-5201 Orabug: 39288631 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

PT-2026-39042

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nouveau/dpcd component where the system may crash in the GSP code if userspace attempts to use /dev/drm dp while the device is in a runtime suspended state. The...

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...

CLSA-2026-1777544831 libarchive: Fix of CVE-2021-31566

CVE-2021-31566: extend backport with upstream 8a1bd5c and ede459d2 to close the trailing-slash variant of the fixup-list symlink-follow attack...

CLSA-2026-1777384121 squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...

Fedora 43 : PackageKit (2026-7463cd3c32)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7463cd3c32 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...

CLSA-2026-1777307149 libarchive: Fix of CVE-2021-31566

CVE-2021-31566: extend backport with upstream 8a1bd5c and ede459d2 to close the trailing-slash variant of the fixup-list symlink-follow attack...

OPENSUSE-SU-2026:20632-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: Changes in freerdp2: - Update freerdp-3-macro: + Add WINPRATTRMALLOC macro from freerdp 3 - Security fixes for the following issues: CVE-2026-25941: Fixed a out of bounds read bsc1258919 CVE-2026-25942: Fixed a buffer overflow in...

Fedora: Security Advisory (FEDORA-2026-6d7e0a8b45)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : mapserver (2026-6d7e0a8b45)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d7e0a8b45 advisory. Backport fix for CVE-2026-33721. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora: Security Advisory (FEDORA-2026-2350c6fd8c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : python-pillow (2026-9f517a7495)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9f517a7495 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Oracle Linux 8 : openssl (ELSA-2026-50077)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50077 advisory. - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 Tenable has extracted the preceding description...