11950 matches found
SUSE CVE-2025-39926
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
podman: Build Context Bind Mount
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.18.25 packages and security update
Red Hat OpenShift Container Platform release 4.18.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
CVE-2025-20370 Denial of Service (DoS) through Multiple LDAP Bind Requests in Splunk Enterprise
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability changeauthentication, could send multiple LDAP bind requests to a specific...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.49 packages and security update
Red Hat OpenShift Container Platform release 4.16.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
podman: Build Context Bind Mount
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...
CVE-2025-39926
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
CVE-2025-39925
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
UBUNTU-CVE-2025-39926
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
CVE-2025-39926 genetlink: fix genl_bind() invoking bind() after -EPERM
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
CVE-2025-39926 genetlink: fix genl_bind() invoking bind() after -EPERM
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
CVE-2025-39926 genetlink: fix genl_bind() invoking bind() after -EPERM
In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...
CVE-2025-39926
CVE-2025-39926 in the Linux kernel fixes a logic error in genetlink: in genl_bind(), bind() could be invoked after a failed capability check (-EPERM), letting callbacks run for unauthorized callers. The patch ensures bind() is called only after successful permission checks (after the “if (ret) br...
CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a call to the bind callback function despite a failed privilege check, which could lead to unauthorized...
PT-2025-40100
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s genetlink functionality where the genl bind function could invoke a bind callback even after permission checks failed, potentially allowing callbacks ...
ipa security update
4.12.2-14.0.1.5 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-14.5 - Resolves: RHEL-110068 EMBARGOED CVE-2025-7493 ipa: Privilege escalation from host to domain admin in FreeIPA 4.12.2-14.4 - Resolves: RHEL-1100...
RHEL 8 / 9 : OpenShift Container Platform 4.16.49 (RHSA-2025:16724)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16724 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...
PT-2025-40273
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1 Splunk Enterprise versions 9.2.8 through 9.4.4 Splunk Cloud Platform versions prior to 9.3.2411.108 Splunk Cloud Platform versions 9.2.2406.123 through 9.3.2408.118 Description A user with the change...