kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()

A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions...

Eclipse Jetty DoS Vulnerability (GHSA-889j-63jv-qhr8) - Linux

Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

Mageia: Security Advisory (MGASA-2025-0155)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Alibaba Cloud Linux 3 : 0108: GNOME (ALINUX3-SA-2022:0108)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0108 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-20337: There is a stack-based...

Alibaba Cloud Linux 3 : 0042: gupnp (ALINUX3-SA-2021:0042)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0042 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33516: An issue was discovered in GUPnP...

GLSA-202505-02 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202505-02 Mozilla Firefox: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description...

Mageia: Security Advisory (MGASA-2025-0151)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

perl security update

An update is available for perl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Perl is a high-level programming language that is commonly used for system...

tigervnc security update

An update is available for tigervnc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing VNC is a remote display system which allows users ...

python3.12-cryptography bug fix and enhancement update

An update is available for python3.12-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

tcpdump security update

An update is available for tcpdump. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tcpdump packages contain the tcpdump utility for monitoring network...

ghostscript security update

An update is available for ghostscript. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and PDF...

grub2 security update

An update is available for grub2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a...

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

.NET 8.0 security, bug fix, and enhancement update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

dotnet6.0 security update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

python3.12-PyMySQL bug fix and enhancement update

An update is available for python3.12-PyMySQL. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

linux-firmware security update

An update is available for linux-firmware. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The linux-firmware packages contain all of the firmware files that are...

Configure a Proper Number of Queues in the SYN_RECV State

The SYNRECV queue stores the TCP connection requests that have not been confirmed by the peer end. A larger value indicates more waiting network connections. If the value is too small, the system is vulnerable to TCP SYN flood attacks. As a result, normal connections are denied. If the value is t...

Enable Kernel ASLR

Address-space layout randomization ASLR randomly arranges the positions of the stack, function libraries, and programs to slightly different positions each time. As a result, the correct positions cannot be guessed, and buffer overflow attacks fail. In the Linux kernel, ASLR is classified into...