11950 matches found
Solaris 10 (sparc): 119783-51
SunOS 5.10: SunOS 5.10: BIND patch. Date this patch was last updated by Sun : Jan/15/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255254; scriptversion"1.1";...
CVE-2025-57802 Airlink's Daemon Symlink Vulnerability
Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory /app/data. Because the container bind-mounts an...
CVE-2025-57802
Airlink’s Daemon vulnerability (CVE-2025-57802) affects version 1.0.0, where an attacker with access to the affected container can create symbolic links inside the mounted /app/data directory. Because the container bind-mounts an arbitrary host path, these symlinks can point to sensitive host loc...
Exploit for CVE-2025-9074
CVE-2025-9074 – Docker Desktop Windows Container→Host Write...
CVE-2025-38617
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...
CVE-2025-38618
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept also has port...
CVE-2025-38618
CVE-2025-38618 concerns the Linux kernel where a vsock could autobind to VMADDR_PORT_ANY, risking a use-after-free on connection to the bound socket. The fix updates __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY. Connected sources (e.g., Astra Linux, Debian LTS advisories,...
CVE-2025-38617
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...
CVE-2025-38617 net/packet: fix a race in packet_set_ring() and packet_notifier()
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...
CVE-2025-38617 net/packet: fix a race in packet_set_ring() and packet_notifier()
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...
PT-2025-44137
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to object leaks within the drm/msm subsystem during VM BIND error handling. Specifically, if a handle lookup fails midway through the process, t...
DEBIAN-CVE-2025-38555
In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in compositedevcleanup 1. In func configfscompositebind - compositeosdescreqprepare: if kmalloc fails, the pointer cdev-osdescreq will be freed but not set to NULL. Then it will return a failure t...
CVE-2025-38570 eth: fbnic: unlink NAPIs from queues on error to open
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP portion of the queues.py test. The UaF is in the skmarknapiidonce call in xskbind, NAPI has been freed. Looks like the device failed to open...
CVE-2025-38570
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP portion of the queues.py test. The UaF is in the skmarknapiidonce call in xskbind, NAPI has been freed. Looks like the device failed to open...
CVE-2025-38555 usb: gadget : fix use-after-free in composite_dev_cleanup()
In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in compositedevcleanup 1. In func configfscompositebind - compositeosdescreqprepare: if kmalloc fails, the pointer cdev-osdescreq will be freed but not set to NULL. Then it will return a failure t...
CVE-2025-38555
In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in compositedevcleanup 1. In func configfscompositebind - compositeosdescreqprepare: if kmalloc fails, the pointer cdev-osdescreq will be freed but not set to NULL. Then it will return a failure t...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper release of cdev-osdescreq in the configfscompositebind function, which could lead to post-releas...
Linux Distros Unpatched Vulnerability : CVE-2016-6213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2015-2925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users t...
CLSA-2025-1755512368 bind: Fix of CVE-2023-4408
CVE-2023-4408: reapply patch without dnsnamet ABI change...