CVE-2026-31555

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

PT-2026-34907

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futex lock pi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at wait for owner exiting+0x7a/0x80, CPU11: futex lock pi s/524 When futex lock pi atomic sees...

EUVD-2022-7769

Malicious code in bioql PyPI...

OESA-2025-2318 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

GO-2025-3915 Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes

Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes...

OESA-2025-2283 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

OESA-2025-2281 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

OESA-2025-2280 kubernetes security update

Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...

CVE-2025-5187

A vulnerability was found in the kube-apiserver's NodeRestriction admission controller, where node users can delete their corresponding node object by setting their own OwnerReference to a cluster-scoped resource. This flaw allows an attacker to delete and recreate its node object, leading to the...

GHSA-4X4M-3C2P-QPPC Kubernetes Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Kubernetes Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the NodeRestriction admission controller. An attacker can cause unauthorized deletion of node objects by patching them with an OwnerReference to a cluster-scoped resource, resulting in the node being deleted...

CVE-2025-5187

CVE-2025-5187 is a Kubernetes NodeRestriction vulnerability: node users can delete their own node object by patching an OwnerReference to a cluster-scoped resource, leading to potential node deletion if the OwnerReference resource is missing or GC removes it. The IBM bulletin notes this CVE (alon...

CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...

Fedora 42 : kubernetes1.33 (2025-409ed32016)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-409ed32016 advisory. - Update to release v1.33.4 - Resolves: rhbz2388412 - Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - Upstream fixes Tenable h...

SUSE CVE-2024-26629

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

Capsule Console 安全漏洞

Capsule Console is a web interface for Capsule8 from Capsule USA, Inc. for event management, sensor configuration, and system analysis. A security vulnerability exists in versions of Capsule prior to 0.1.3, which stems from the fact that an attacker can detach namespaces from tenants that are...

PT-2022-27782 · Capsule · Capsule

Name of the Vulnerable Software and Affected Versions: Capsule versions prior to 0.1.3 Description: Capsule is a multi-tenancy and policy-based framework for Kubernetes. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it...