Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56598)

jfs: array-index-out-of-bounds fix in dtReadFirst. The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Nagios Log Server 安全漏洞

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2026R1.0.1, which stems from an insecure interaction between sudo rules and filesystem permissions, which could le...

CVE-2025-9982

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege...

ext4: guard against EA inode refcount underflow in xattr update

...

ext4: verify orphan file size is not too big

...

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

RLSA-2025:19931 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: x86/vmscape: Add conditional IBPB mitigation CVE-2025-40300 kernel: mm: fix zswap writeback race condition CVE-2023-53178 kernel: fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 For...

EUVD-2025-150376

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...

EUVD-2025-150374

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2024-56570)

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors...

Siemens SCALANCE, SIMATIC S7-1500 Out-of-bounds Write (CVE-2022-1304)

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Linux Distros Unpatched Vulnerability : CVE-2025-40200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a WARNING in ovlcopyupfile in overlayfs. This warning is ultimately caused because t...

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

Siemens SIMATIC S7-1500 Deadlock (CVE-2023-52699)

In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sbbread with pointerslock held syzbot is reporting sleep in atomic context in SysV filesystem 1, for sbbread is called with rwspinlock held. A writelock&pointerslock = readlock&pointerslock deadlock bug and a...

CVE-2025-40200

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

AZL-70067 CVE-2025-40198 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...

CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

CVE-2025-40198

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...

CVE-2025-40196

CVE-2025-40196 concerns the Linux kernel quota subsystem. A writeback-triggered flush could trigger a kernel panic due to MEM_RECLAIM flag mismatch when quota_release_work runs on the non MEM_RECLAIM queue. The patch adds a dedicated workqueue with the WQ_MEM_RECLAIM flag for quota_release_work t...