Fedora 44 : python-starlette (2026-3bce8d3f11)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bce8d3f11 advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : python-starlette (2026-e0f378428e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e0f378428e advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : rubygem-yard (2026-2d0a32ddc0)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2d0a32ddc0 advisory. Backport 0.9.41 / 0.9.44 fixes for possible path traversal issues Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 44 : haveged (2026-12643837bd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-12643837bd advisory. Backport fix for CVE-2026-41054: privilege escalation via command socket Tenable has extracted the preceding description block directly from the Fedora...

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

UBUNTU-CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

PT-2026-43866

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An unsigned underflow exists in the z erofs lz4 handle overlap function within the erofs component. Specifically, crafted images containing illegal extents where !partial decoding is true a...

Oracle Linux 7 : gdk-pixbuf2 (ELSA-2026-12114)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12114 advisory. - Backport fixes for CVE-2026-5201 Orabug: 39288631 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

PT-2026-39042

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nouveau/dpcd component where the system may crash in the GSP code when userspace attempts to use '/dev/drm dp ' while the device is in a runtime suspended state. T...

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed an incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fixed a potential UAF in smb2closecachedfid" was an incomplete backport. It also missed one krefput call in...

CLSA-2026-1777544831 libarchive: Fix of CVE-2021-31566

CVE-2021-31566: extend backport with upstream 8a1bd5c and ede459d2 to close the trailing-slash variant of the fixup-list symlink-follow attack...

CLSA-2026-1777384121 squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...

Fedora 43 : PackageKit (2026-7463cd3c32)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7463cd3c32 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...

CLSA-2026-1777307149 libarchive: Fix of CVE-2021-31566

CVE-2021-31566: extend backport with upstream 8a1bd5c and ede459d2 to close the trailing-slash variant of the fixup-list symlink-follow attack...

OPENSUSE-SU-2026:20632-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: Changes in freerdp2: - Update freerdp-3-macro: + Add WINPRATTRMALLOC macro from freerdp 3 - Security fixes for the following issues: CVE-2026-25941: Fixed a out of bounds read bsc1258919 CVE-2026-25942: Fixed a buffer overflow in...

Fedora: Security Advisory (FEDORA-2026-6d7e0a8b45)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : mapserver (2026-6d7e0a8b45)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d7e0a8b45 advisory. Backport fix for CVE-2026-33721. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...