Lexmark Printers Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-1127)
A combination Path Traversal and Concurrent Execution vulnerability exists within the embedded web server in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989441)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989441 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start the amount of...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989719 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_rea...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989842)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989842 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start the amount of...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989505)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989505 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix races between xattr_{set|get} and listxattr operations UBIFS may occur some problems with...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989362)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989362 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate The conclusion j1939_session_deactivate...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989438 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_rea...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988727)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988727 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk with rcu Patch that refactored fl_walk to use...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989559)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989559 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurre...
database/sql: Postgres Scan Race Condition
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nf_conntrack: A crash occurred due to the removal of an uninitialized entry. A crash occurred when attempting to remove the conntrack entry from the hash bucket list: Exception RIP: nf_ct_delete_from_lists+172 .. 7...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: mwifiex: discards erroneous disassociation frames on the STA interface When operating in concurrent STA/AP mode with the host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fixed the double-unlock bug in nfs_return_empty_folio. Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could become deadlocked because folio_unlock was called twice, and the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: The data race in show_numa_info has been fixed. The following data race was detected in show_numa_info: BUG: KCSAN: Data race in vmalloc_info_show / vmalloc_info_show Read to 0xffff88800971fe30 of 4 bytes by task 8289 on CPU 0:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Tracing: Add down_write(trace_event_sem) when adding a trace event. When a module is loaded, it adds trace events defined by that module. It may also be necessary to modify the module’s trace printk formats by replacing enum names wit...
Siemens SIMATIC Devices Use After Free (CVE-2024-42302)
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler awaits readiness of the...
Linux Distros Unpatched Vulnerability : CVE-2022-50563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm thin: Fix UAF in run_timer_softirq When dm_resume and dm_destroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-44935)
sctp: Fix null-ptr-deref in reuseport_add_sock. A Null Pointer Dereference in reuseport_add_sock while accessing sk2->sk_reuseport_cb. The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384) CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794) CVE-2025-38206: exfat: fix double free in delayed_fre...