165 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xfrm/compat: prevented potential Spectre v1 exploits in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be exploited as a Spectre v1 exploit. if nlalennl...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevents potential Spectre v1 exploits. It seems that cmd could be a Spectre v1 exploit, as it is provided by a user and used as an array index. This vulnerability prevents the contents of kernel memory from being leake...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013686)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013686 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990540)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990540 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990441)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990441 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990310)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990310 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989509)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989509 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988990 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990207)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990207 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989650)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989650 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...
EUVD-2022-55092
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986985)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986985 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...
EUVD-2023-59723
Malicious code in bioql PyPI...
EUVD-2023-59724
Malicious code in bioql PyPI...
EUVD-2023-59720
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-52997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as ...
kernel: dm ioctl: prevent potential spectre v1 gadget
A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...
RHEL 8 : kernel (RHSA-2025:10005)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10005 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: Fix use after free...
CVE-2023-52997
A vulnerability was found in the Linux kernel's ipmetricsconvert function, where improper handling of user input can potentially leak kernel memory via side channels. This issue is caused by the use of @type, a user-controlled input, which is an array within this function. If a CPU speculatively...