CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

CVE-2026-25598

The CVE-2026-25598 issue affects Harden-Runner (GitHub Actions Community Tier) prior to version 2.14.2. The root cause is that outbound traffic using socket calls sendto, sendmsg, and sendmmsg could bypass audit logging when egress-policy is set to audit, enabling potential evasion of monitoring....

CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

GHSA-CPMJ-H4F6-R6PQ Harden-Runner: Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Summary A security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffic using the sendto, sendmsg, and sendmmsg socket system calls can bypass detection and logging when...

EUVD-2011-4519

Malware in sbrugna...

SUSE CVE-2011-4594

The syssendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service system crash via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference...

Security update for nsd (moderate)

openSUSE Security Update: Security update for nsd Announcement ID: openSUSE-SU-2020:2222-1 Rating: moderate References: 1157331 1179191 Cross-References: CVE-2019-13207 CVE-2020-28935 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports...

Amazon Linux AMI : kernel (ALAS-2012-55)

A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially crafted disk. CVE-2011-4077 ,...

CVE-2011-4594

The syssendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service system crash via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference...

kernel: send(m)msg: user pointer dereferences

The syssendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service system crash via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference...

UBUNTU-CVE-2011-4594

The syssendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service system crash via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference...

PT-2011-5001 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.1 Description: The issue allows local users to cause a denial of service, resulting in a system crash, via crafted use of the sendmmsg system call. This is due to an incorrect pointer dereference in the sys...

CVE-2011-4594

The syssendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service system crash via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference...