Astra Linux - уязвимость в grub2

Integer underflow in grubnetrecvip4packets; A malicious IP packet can cause an integer underflow in the grubnetrecvip4packets function, affecting the rsm-totallen value. Under certain circumstances, the totallen value may wrap around to a small integer number, which will be used in memory...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: macvlan: The forgotten nlapolicy has been added for IFLAMACVLANBCCUTOFF. The previous commit 954d1fa1ac93, titled “macvlan: Add netlink attribute for broadcast cutoff”, added an additional attribute named IFLAMACVLANBCCUTOFF to...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Removed the RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first, and then forwarded to brioctlcall, which causes unnecessary RTNL dance and a segmentation fault below 0 under RTNL pressure...

Astra Linux - уязвимость в gnutls28

No description...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: atl1c: Workaround for the DMA RX overflow issue This solution is based on the alx driver commit 881d0327db37 “net: alx: Workaround for the DMA RX overflow issue”. Both the alx and atl1c drivers experienced RX overflow errors,...

SUSE SLED15 / SLES15 Security Update : libsndfile (SUSE-SU-2026:1968-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1968-1 advisory. This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader...

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Oracle Linux 8 : rsync (ELSA-2026-17481)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-17481 advisory. 3.1.3-25 - Resolves: RHEL-169141 - CVE-2026-41035 - Use-after-free vulnerability in extended attribute handling Tenable has extracted the preceding description...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017610 advisory. The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017351 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too fe...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016493 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

Linux Distros Unpatched Vulnerability : CVE-2026-43245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost...

RHEL 9 : corosync (RHSA-2026:14213)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14213 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

CVE-2026-39402

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

Important: Red Hat Security Advisory: image-builder security update

An update for image-builder is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

[SECURITY] [DSA 6238-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6238-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 30, 2026 https://www.debian.org/security/faq -...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-015475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015475 advisory. A flaw was found in libsoups WebSocket frame processing when handling incoming messages. If a non- default configuration is used where the maximum incoming payload...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-40318, CVE-2025-40271, CVE-2025-40269, CVE-2025-40170, CVE-2025-40158, CVE-2025-40141, CVE-2025-40135, CVE-2025-39760, CVE-2025-38730, CVE-2025-38459, CVE-2025-38415,...

Linux Distros Unpatched Vulnerability : CVE-2026-31681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtmultiport: validate range encoding in checkentry portsmatchv1 treats any non-zero pflags entry as the start of a port range and unconditionally...

CVE-2026-31454

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...