EUVD-2024-2819

Malicious code in bioql PyPI...

EUVD-2022-24401

Malicious code in bioql PyPI...

CVE-2022-50280 pnode: terminate at peers of source

In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source The propagatemnt function handles mount propagation when creating mounts and propagates the source mount tree @sourcemnt to all applicable nodes of the destination propagation mount tree headed...

Linux Distros Unpatched Vulnerability : CVE-2025-38499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a moun...

Linux Distros Unpatched Vulnerability : CVE-2022-24778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by...

Linux Distros Unpatched Vulnerability : CVE-2015-8709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace,...

Linux Distros Unpatched Vulnerability : CVE-2020-13753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could...

Linux Distros Unpatched Vulnerability : CVE-2021-3493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an...

UBUNTU-CVE-2025-38247

In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from userns and mntidmap leaks in opentreeattr...

Astra Linux – Vulnerability in runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. Runc versions 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be exploited by creating empty files or directories in arbitrary locations within the host filesystem. This is achieved by sharing a...

containerd 安全漏洞

containerd is an industry-standard container runtime open-sourced by containerd. A security vulnerability exists in containerd versions prior to 2.0.1 through 2.0.5 that stems from not placing user namespace containers under the Kubernetes cgroup hierarchy, which could result in a denial of servi...

CVE-2025-46836

A flaw was found in net-tools. This vulnerability allows arbitrary code execution or a crash via improper handling of interface labels from /proc/net/dev. Mitigation To mitigate this vulnerability, disable unprivileged user-namespaces sysctl kernel.unprivilegedusernsclone=0 to remove the easiest...

CBL Mariner 2.0 Security Update: cri-tools / moby-runc / runc (CVE-2024-45310)

The version of cri-tools / moby-runc / runc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45310 advisory. - runc is a CLI tool for spawning and running containers according to the OCI...

Linux Distros Unpatched Vulnerability : CVE-2019-20794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and...

Linux Distros Unpatched Vulnerability : CVE-2017-1000111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux kernel: heap out-of-bounds in AFPACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that...

MGASA-2025-0004 Updated opencontainers-runc packages fix security vulnerability

runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files, existing...

Updated opencontainers-runc packages fix security vulnerability

runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files, existing...

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2949)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-2934)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...