RockyLinux 10 : systemd (RLSA-2026:18153)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18153 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

systemd security update

An update is available for systemd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux...

RockyLinux 9 : systemd (RLSA-2025:22660)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22660 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

RLSA-2025:22660 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PowerPC: Do not attempt to copy PPR for tasks with NULL pt regs. The PowerPC architecture sets PFKTHREAD and PFIOWORKER to NULL pt regs. From my arguably very brief testing, this is not commonly done for other architectures. This...

Linux kernel 安全漏洞

The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a kernel bug in netfs when processing the ITERKVEC iterator. This bug may cause the core dum...

Linux Distros Unpatched Vulnerability : CVE-2026-31438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfs: Fix kernel BUG in netfslimititer for ITERKVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates ...

NewStart CGSL MAIN 7.02 : systemd Vulnerability (NS-SA-2026-0034)

The remote NewStart CGSL host, running version MAIN 7.02, has systemd packages installed that are affected by a vulnerability: - The systemd-coredump is prone to a kill-and-replace race condition which may allow a local attacker to gain sensitive information from crashed SUID processes...

MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004413)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004413 advisory. A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003048 advisory. In the flushtmregstothread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged...

MiracleLinux 9 : systemd-252-55.el9_7.7.ML.1 (AXSA:2025-11553:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11553:11 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992901 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc: Don't try to copy PPR for task with NULL ptregs powerpc sets up PFKTHREAD and PFIOWORKER...

RHEL 9 : systemd (RHSA-2025:22660)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22660 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

ALSA-2025:22660 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Linux Distros Unpatched Vulnerability : CVE-2025-64345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a...

DEBIAN-CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

UBUNTU-CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

GHSA-HC7M-R6V8-HG9Q Wasmtime provides unsound API access to a WebAssembly shared linear memory

Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...