Fedora 44 : haveged (2026-12643837bd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-12643837bd advisory. Backport fix for CVE-2026-41054: privilege escalation via command socket Tenable has extracted the preceding description block directly from the Fedora...

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

Fedora 44 : rrdtool (2026-87a8048005)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-87a8048005 advisory. This is an update backporting some safety checks from the rrdtool-1.10.0. Tenable has extracted the preceding description block directly from the Fedora...

UBUNTU-CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

PT-2026-43866

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in z erofs lz4 handle overlap Some crafted images can have illegal !partial decoding && m llen out access reads past the decompressed pages array. However, such crafted cases can correctly result in ...

Fedora 42 : rrdtool (2026-93281f2f96)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-93281f2f96 advisory. This is an update backporting some safety checks from the rrdtool-1.10.0. Tenable has extracted the preceding description block directly from the Fedora...

Linux Distros Unpatched Vulnerability : CVE-2026-45999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpag...

Exploit for CVE-2026-42945

NGINX Rift — CVE-2026-42945 Vulnerability Scanning and Verific...

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafebcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

Exploit for CVE-2026-42945

ingress-nginx CVE-2026-42945 backport kit This repository doc...

Oracle Linux 7 : gdk-pixbuf2 (ELSA-2026-12114)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12114 advisory. - Backport fixes for CVE-2026-5201 Orabug: 39288631 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: xfs: Do not propagate ENODATA disk errors into the xattr code. ENODATA also known as ENOATTR has a very specific meaning in the xfs xattr code: it indicates that the requested attribute name could not be found. However, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: Use kernelread for the sleepable context. A bug has been prevented: “BUG: Unable to handle a NULL pointer dereferencing in filemapreadfolio.” For the sleepable context, change freader to use kernelread instead of...

Astra Linux - уязвимость в heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result with the value “!= 0” to the memcmp function. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: The unshare of page tables occurs during VMA splitting, not before. Currently, splitvma triggers the unshare of hugetlb page tables through vmops-maysplit. This happens before the VMA lock and rmap locks are taken –...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs: Relaxing the assertions when encoding file handles fails The encoding of file handles is typically performed by a filesystem method called encodefh. This process may fail for various reasons. Legacy users of...

CLSA-2026-1779122764 nano: Fix of CVE-2024-5742

CVE-2024-5742: emergencysave applied chmod/chown to a path after the descriptor was closed, allowing a symlink swap to redirect the ownership change to an attacker-controlled file - Backport of upstream commit 5e7a3c2e from nano v8.0, adapted to the 5.6.1 codebase writefile signature predates the...

CLSA-2026-1778839666 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker 8.x backport CVE-2026-46300...

CLSA-2026-1778834936 postfix: Fix of CVE-2023-51764

CVE-2023-51764: fix SMTP smuggling backport of 2.11.11-smuggling-patch...

CLSA-2026-1778834899 postfix: Fix of CVE-2023-51764

CVE-2023-51764: fix SMTP smuggling backport of 2.11.11-smuggling-patch...