1822 matches found
CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990877)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990877 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atom...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.9.20251110 or dnf update --advisory...
runc: LSM labels can be bypassed with malicious config using dummy procfs files
...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2025:3944-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:3944-1 advisory. - CVE-2025-55159 - updated slab with the uninit memory access fix bsc1248003 Tenable has extracted the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990495)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990495 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990387)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990387 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990428)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990428 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination becaus...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990533)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990533 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988730 advisory. In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook bail on fail scheme doesn't...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989957)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989957 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more dat...
RHEL 8 : bind9.16 (RHSA-2025:19793)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19793 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989944)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989944 advisory. In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989157)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989157 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devmrequestfreememregion and...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Linux Distros Unpatched Vulnerability : CVE-2023-53692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2025:3701-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3701-1 advisory. - CVE-2025-43343: improved memory handling in web content processing to prevent process crash...
TencentOS Server 3: cups (TSSA-2025:0807)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0807 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
xfrm: xfrm_alloc_spi shouldn't use 0 as SPI
...