38 matches found

SUSE CVE
added 2026/05/27 12:57 p.m., 4 views

SUSE CVE-2026-45841

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO nf_osf_match_one computes ctx->window % f->wss.val in the OSF_WSS_MODULO branch with no guard for f->wss.val == 0. A CAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a...

AI score: 5.8, EPSS: 0.00032
Exploits: 0, References: 3
Cvelist
added 2026/03/23 11:25 p.m., 29 views

CVE-2026-4056 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the checkpermissions method only checking for edit_posts...

CVSS: 5.4, EPSS: 0.0003
Exploits: 0, References: 4
CVE
added 2026/03/23 11:25 p.m., 5 views

CVE-2026-4056

The CVE-2026-4056 entry concerns the WordPress plugin “User Registration & Membership.” The vulnerability arises from a missing capability check in the Content Access Rules REST API endpoints, where the code path only validates the edit_posts permission instead of an administrator-level capabilit...

CVSS: 5.4, AI score: 5.8, EPSS: 0.0003
Exploits: 0, References: 4
Tenable Nessus
added 2026/01/15 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002318 advisory. Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have...

CVSS: 4.7, AI score: 8.2, EPSS: 0.0003
Exploits: 1, References: 21
Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001845 advisory. Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly...

CVSS: 4, AI score: 7.5, EPSS: 0.00045
Exploits: 1, References: 18
Tenable Nessus
added 2026/01/15 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002055 advisory. The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root...

CVSS: 5.5, AI score: 6.2, EPSS: 0.00073
Exploits: 0, References: 23
Tenable Nessus
added 2026/01/14 12:0 a.m., 1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001773)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001773 advisory. A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling...

CVSS: 5.5, AI score: 6.9, EPSS: 0.0001
Exploits: 1, References: 3
OSV
added 2025/12/24 9:9 a.m., 2 views

RLSA-2025:23279 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi->skb after XDP process CVE-2025-39984 For more details about the...

CVSS: 7.8, AI score: 6.7, EPSS: 0.00026
Exploits: 0, References: 3
Oracle linux
added 2025/10/11 12:0 a.m., 12 views

Unbreakable Enterprise kernel security update

5.4.17-2136.348.3 - hugetlbfs: take read_lock on i_mmap for PMD sharing Waiman Long Orabug: 38459576 - kallsyms: add module_kallsyms_on_each_symbol_locked Julian Pidancet Orabug: 37629344 Orabug: 38418686 - kallsyms: export module_kallsyms_on_each_symbol Julian Pidancet Orabug: 37629344 Orabug: 38418686...

CVSS: 7.8, AI score: 7.5, EPSS: 0.00114
Exploits: 0
Tenable Nessus
added 2025/10/07 12:0 a.m., 0 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414609)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414609 advisory. An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound...

CVSS: 6.7, AI score: 6.4, EPSS: 0.00106
Exploits: 0, References: 3
OSV
added 2025/10/04 3:17 p.m., 2 views

CVE-2023-53570 wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

CVSS: 7.8, AI score: 6.7, EPSS: 0.00014
Exploits: 0, References: 6
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-48307

Malicious code in bioql PyPI...

CVSS: 6.8, AI score: 6.6, EPSS: 0.00215
Exploits: 0, References: 1
OSV
added 2025/08/11 4:15 p.m., 3 views

AZL-66174 CVE-2025-38499 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00026
Exploits: 0, References: 1
CVE
added 2025/08/11 4:1 p.m., 83 views

CVE-2025-38499

CVE-2025-38499 affects the Linux kernel. The issue arises in clone_private_mnt() where CAP_SYS_ADMIN is checked in the wrong user namespace, potentially allowing a local attacker with low privileges to influence mount handling and affect availability. The referenced advisories show this CVE is tr...

CVSS: 5.5, AI score: 7, EPSS: 0.00026
Exploits: 0, References: 8, Affected Software: 1
OSV
added 2025/07/25 4:15 p.m., 0 views

UBUNTU-CVE-2025-38466

In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but d...

CVSS: 5.5, AI score: 6.4, EPSS: 0.0007
Exploits: 0, References: 41
OSV
added 2025/01/10 10:15 p.m., 1 views

CVE-2024-9132

The administrator is able to configure an insecure captive portal script...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00806
Exploits: 0, References: 1
Positive Technologies
added 2025/01/01 12:0 a.m., 1 views

PT-2025-32554

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The clone_private_mnt function did not properly verify that the caller has CAP_SYS_ADMIN privileges within the correct user namespace. This could potentially allow exposure of hidden...

CVSS: 6.2, AI score: 6.6, EPSS: 0.00026
Exploits: 0
RedHat Linux
added 2024/09/18 12:24 a.m., 3 views

kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADMIN to do that...

CVSS: 5.5, AI score: 6.8, EPSS: 0.00013
Exploits: 1, References: 5
RedHat Linux
added 2024/09/18 12:9 a.m., 2 views

kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADMIN to do that...

CVSS: 5.5, AI score: 6.8, EPSS: 0.00013
Exploits: 1, References: 5
RedHat Linux
added 2023/06/06 1:40 p.m., 3 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAP_NET_ADMIN capability could use this...

CVSS: 7.8, AI score: 6.6, EPSS: 0.01004
Exploits: 7, References: 6