Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8439-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8439-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2026:25191 Critical: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: Linux kernel: Denial of Service in erofs filesystem CVE-2026-31467 kernel: can: raw: fix...

RockyLinux 10 : kernel (RLSA-2026:25191)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25191 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: Linux kernel: Denial of Service in erofs...

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

ALSA-2026:25191 Critical: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: Linux kernel: Denial of Service in erofs filesystem CVE-2026-31467 kernel: can: raw: fix...

AlmaLinux 10 : kernel (ALSA-2026:25191)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25191 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: Linux kernel: Denial of Service in erofs...

RHEL 10 : kernel (RHSA-2026:25191)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25191 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free...

CVE-2023-2640-CVE-2023-32629-Interactive-PoC

CVE-2023-2640 & CVE-2023-32629 GameOverLay - Real Host Root...

CVE-2026-46054

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

UBUNTU-CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incomplete access checks for mmap and mprotect functions in the overlayfs module of SELinux. This...

CVE-2026-46054

selinux: fix overlayfs mmap and mprotect access checks...

Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

USN-8297-1 linux-gcp-5.15 vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

USN-8297-1: Linux kernel (GCP) vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: buildkitd, helm-mapkubeapis, consul-k8s, xeol, kubescape-operator, steampipe, helm-operator, trivy, tigera-operator, kube-arangodb, neuvector-scanner, docker-cli-buildx, cluster-api-helm-controller, docker-compose, eksctl, chartmuseum, ctop, kubescape, trivy-operator...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: trivy, kubescape-operator-fips, datadog-agent, newrelic-infrastructure-agent, livekit-cli, neuvector-scanner, scorecard, manifest-tool, opa, docker-compose, gogatekeeper, kubescape-server, eks-node-monitoring-agent, kaniko-fips, opa-fips-envoy, google-osconfig-agent,...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the OverlayFS subsystem of the Linux kernel, regarding the way users mount the TmpFS filesystem using OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible...