SUSE CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

CVE-2026-40323 SP1 V6 Recursion Circuit Row-Count Binding Gap

SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof...

Exploit for CVE-2026-31413

CVE-2026-31413: One Byte in the BPF Verifier to Container Esca...

GHSA-RJR4-V43M-PXQ6 Triton VM has a Soundness Vulnerability due to Improper Sampling of Randomness

In affected versions of Triton VM, the verifier failed to correctly sample randomness in the FRI sub-protocol. Malicious provers can exploit this to craft proofs for arbitrary statements that this verifier accepts as valid, undermining soundness. Protocols that rely on proofs and the supplied...

MiracleLinux 8 : java-21-openjdk-21.0.2.0.13-1.el8.ML.1 (AXSA:2024-7439:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7439:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : java-11-openjdk-11.0.22.0.7-2.el8 (AXSA:2024-7445:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7445:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.402.b06-2.el9.ML.1 (AXSA:2024-7446:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7446:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 9 : java-21-openjdk-21.0.2.0.13-1.el9.ML.1 (AXSA:2024-7447:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7447:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 9 : java-11-openjdk-11.0.22.0.7-2.el9.ML.1 (AXSA:2024-7450:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7450:05 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : java-17-openjdk-17.0.10.0.7-2.el8 (AXSA:2024-7459:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7459:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: incorrect handling of ZIP files with...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.402.b06-2.el8 (AXSA:2024-7448:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7448:05 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.402.b06-1.el7 (AXSA:2024-7425:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7425:01 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003893 advisory. A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A loc...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414655 advisory. An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap o...

PT-2025-44118

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the BPF verifier in the check alu op function. The verifier incorrectly performs scalar adjustments for BPF NEG operations when the destination...

Updated java 1.8.0, 11 & latest packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. CVE-2024-20918 RSA padding issue and timing side-channel attack against TLS. CVE-2024-20952 Arbitrary Java code execution in Nashorn. CVE-2024-20926 JVM class file verifier fla...

SUSE-SU-2024:0847-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS 8317547 bsc1218911. - CVE-2024-20921: Fixed range check loop optimization issue 8314307 bsc1218905. - CVE-2024-20926: Fixed rbitrary Java code executio...

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

SUSE-SU-2024:0605-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...

CLSA-2024-1706698462 java-1.8.0-openjdk: Fix of 6 CVEs

Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue -...