Configure a Proper Number of Queues in the SYN_RECV State

The SYNRECV queue stores the TCP connection requests that have not been confirmed by the peer end. A larger value indicates more waiting network connections. If the value is too small, the system is vulnerable to TCP SYN flood attacks. As a result, normal connections are denied. If the value is t...

RockyLinux 8 : tuned (RLSA-2024:11161)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

Do Not Allow Hidden Executable Files

In Linux, the name of a hidden file starts with a dot .. Hidden executable files are not allowed in the system. Note that . and . are not hidden files. They refer to the current directory and upper-level directory, respectively. The .bashrc, .bashprofile, and .bashlogout files are script files us...

Azure Linux 3.0 Security Update: qemu (CVE-2024-4467)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4467 advisory. - A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21669)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21669 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21963)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21963 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21968)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21968 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after- fre...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21680)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21680 advisory. - In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in...

Azure Linux 3.0 Security Update: containerd / containerd2 / moby-containerd / moby-containerd-cc (CVE-2024-40635)

The version of containerd / containerd2 / moby-containerd / moby-containerd-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40635 advisory. - containerd is an open-source container runtime. A b...

Azure Linux 3.0 Security Update: pytorch (CVE-2025-32434)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32434 advisory. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21920)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21920 advisory. - In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21683)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21683 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory lea...

Azure Linux 3.0 Security Update: pgbouncer (CVE-2025-2291)

The version of pgbouncer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2291 advisory. - Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21996 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21761)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21761 advisory. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21689)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21689 advisory. - In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-...

Azure Linux 3.0 Security Update: cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device-plugin (CVE-2025-22872)

The version of cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device- plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22872 advisory. - The...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21887)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21887 advisory. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21756)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21756 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21934)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21934 advisory. - In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddne...