CVE-2026-47326

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003850 advisory. A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector...

PT-2026-2281

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc2 Description Avahi, a system for service discovery on a local network using the mDNS/DNS-SD protocol suite, is susceptible to a denial-of-service condition. An unprivileged local user can cause the avahi-daemon t...

PT-2026-1436

Name of the Vulnerable Software and Affected Versions AirVPN Eddie version 2.24.6 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations Update to a newer version that contains a fix for this...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

EUVD-2024-1086

Malicious code in bioql PyPI...

kernel: net: fix udp gso skb_segment after pull from frag_list

A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload GSO functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed fraglist geometry. Successful exploitation of...

Arbitrary File Read

github.com/canonical/pebble is vulnerable to a Arbitrary File Read. The vulnerability is due to the read-file API and the associated pebble pull command, allowing unprivileged local users to access files with root-equivalent permissions when Pebble is operating as root...

IBM AIX and IBM Vios Input Validation Error Vulnerability

IBM AIX and IBM Vios are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM Vios is part of the PowerVm® Editions hardware feature. IBM Vios is part of the PowerVm® Editions...

K000135206: Linux kernel vulnerability CVE-2023-32233

Security Advisory Description In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous...

AlmaLinux 8 : kernel (ALSA-2023:3349)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3349 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...

CVE-2023-32233

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

CVE-2023-32233

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

SUSE CVE-2020-13938

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows...

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

CVE-2022-21385

A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

UBUNTU-CVE-2022-21385

A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

CVE-2022-21385

CVE-2022-21385 is a vulnerability in the Oracle Linux kernel’s net_rds_alloc_sgs() function that allows unprivileged local users to crash the machine. The issue is rated CVSS 3.1 base score 6.2 (Availability impact). The connected documents confirm the flaw exists in Oracle Linux kernels and is r...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a security vulnerability that stems from a flaw in its netrdsallocsgs that allows unprivileged local users to crash their computers...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9727)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9727 advisory. 5.4.17-2136.310.7.1 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981855 CVE-2022-21385 Tenable has extracted the...