USN-7387-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-7389-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7389-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

USN-7387-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

USN-7382-1 linux-oem-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

USN-7380-1 linux-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

The vulnerability of Zoom’s video conferencing software lies in the insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Zoom Workplace, SDK, Room clients, and Room controllers’ software relates to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-096)

The version of kernel installed on the remote host is prior to 5.4.290-205.405. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-096 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-085)

The version of kernel installed on the remote host is prior to 5.10.234-225.917. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-085 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...

The vulnerability of the command-line interface of SiPass IP access controllers allows attackers to execute arbitrary commands and gain unauthorized access to protected information.

The vulnerability of the command-line interface of SiPass IP access controllers is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands and gain unauthorized access to protected information...

Virtuozzo Hybrid Server 7.5 Update 7 Hotfix 3 (7.5.7-176)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 7 provides fixes for the c2v-convert tool and VirtIO SCSI controllers. Vulnerability id: PSBM-160763 Fixed an issue where the c2v-convert tool failed to convert a container if one of its disks did not have a mount point specified in the source...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to the improper validation of target registry domains during the token exchange process. An attacker can extract and misuse authentication tokens by directin...

Linux Distros Unpatched Vulnerability : CVE-2021-47469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses Currently we have a global...

Linux Distros Unpatched Vulnerability : CVE-2023-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only...

Linux Distros Unpatched Vulnerability : CVE-2024-26605

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe...

Linux Distros Unpatched Vulnerability : CVE-2022-48982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the followi...

The vulnerability of the web server of the microprogramming software for programmable logic controllers SIMATIC S7-1200 allows attackers to perform spoofing attacks.

The vulnerability of the web server of microprogrammed software-controlled logical controllers SIMATIC S7-1200 is related to errors in authenticating certificates. Exploiting this vulnerability allows an attacker to perform spoofing attacks remotely...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-058-01 Schneider Electric Communication Modules for Modicon M580 and Quantum...

USN-7289-2 linux-azure-5.15, linux-azure-fde-5.15, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...