382 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001499)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001499 advisory. A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000837)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000837 advisory. fs/namespace.c in the Linux kernel before 4.0.2 processes MNTDETACH umount2 system calls without verifying that the MNTLOCKED flag is unset, which allows local users...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001063)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001063 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002088 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001909)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001909 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002082 advisory. fs/namespace.c in the Linux kernel before 4.0.2 processes MNTDETACH umount2 system calls without verifying that the MNTLOCKED flag is unset, which allows local users...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003140)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003140 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...
SUSE CVE-2025-71066
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001697)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001697 advisory. In the Linux kernel before 5.17.3, fs/iouring.c has a use-after-free due to a race condition in iouring timeouts. This can be triggered by a local user who has no...
Siemens Ruggedcom ROX Privilege Dropping (CVE-2018-7169)
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
RLSA-2025:23279 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process CVE-2025-39984 For more details about the...
RLSA-2025:23241 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...
Important: Red Hat Security Advisory: kpatch-patch-5_14_0-611_9_1 security update
An update for kpatch-patch-5140-61191 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...
Oracle Linux 10 : kernel (ELSA-2025-23279)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23279 advisory. - CVE-2025-38499 kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns Abhi Das RHEL-129282 CVE-2025-38499 Tenable has...
kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...
kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...
kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...
ALSA-2025:23241 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989072)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989072 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Get userns from inskb in unixdiaggetexact. Wei Chen reported a NULL deref in skuserns 01,...