Low: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Oracle Linux 9 : jq (ELSA-2025-10585)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10585 advisory. - Fix CVE-2025-48060 - Fix CVE-2024-23337 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Oracle Linux 10 : kernel (ELSA-2025-7956)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7956 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Oracle Linux 10 : kernel (ELSA-2025-9348)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9348 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Oracle Linux 7 : libsoup (ELSA-2025-9179)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9179 advisory. - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 - Fixed CVE-2024-5253...

June Linux Patch Wednesday

JuneLinux Patch Wednesday. This time, there are 598 vulnerabilities, almost half as many as in May. Of these, 355 are in the Linux Kernel. There are signs of exploitation in the wild for 3 vulnerabilities CISA KEV. SFB - Chromium CVE-2025-2783 MemCor - Chromium CVE-2025-5419 CodeInj - Hibernate...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Vulnerabilities of functions rtk_usb2phy_probe() and devm_kzalloc() in the Linux operating system, allowing attackers to cause service failures

The vulnerabilities of the rtkusb2phyprobe and devmkzalloc functions in the Linux operating system are related to pointer arithmetic errors. Exploiting these vulnerabilities can allow an attacker to cause a service failure...

Oracle Linux 10 : ghostscript (ELSA-2025-7499)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7499 advisory. - RHEL-88964 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow - RHEL-67044 CVE-2024-46951 ghostscript: Arbitrary Code Execution in...

Oracle Linux 10 : java-21-openjdk (ELSA-2025-7508)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7508 advisory. 1:21.0.7.0.6-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.7.0.6-1 - Update to jdk-21.0.7+6 GA - Update release notes to 21.0.7+6 - Rebase...

Photon OS 5.0: Linux PHSA-2025-5.0-0540

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0540. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02120-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02120-1 advisory. Update to version 1.24.4 bsc1236217: - CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation bsc1244158. -...

Google Chrome Security Update (stable-channel-update-for-desktop_24-2025-06) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2025-1046)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1046 advisory. Allows modifying some file metadata e.g. last modified with filter=data or file permissions chmod with filter=tar of files outside the extraction directory.You are affected by this vulnerabili...

New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

Cybersecurity researchers have uncovered two local privilege escalation LPE flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below - CVE-2025-6018 - LPE from unprivileged to allowactive in...

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks

The Qualys Threat Research Unit TRU has discovered two linked local privilege escalation LPE flaws. The first CVE-2025-6018 resides in the PAM configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15. Using this vulnerability, an unprivileged local attacker—for example, via SSH—can elevate ...

Alibaba Cloud Linux 3 : 0088: perl-FCGI:0.78 (ALINUX3-SA-2025:0088)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0088 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-40907: FCGI versions 0.44 through 0.82, fo...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eth: bnxt: fix truesize for mb-xdp-pass case CVE-2025-21961 kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd CVE-2025-21969 kernel: cifs: Fix integer overflow while...

TencentOS Server 2: freeradius (TSSA-2024:0379)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0379 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...