Fedora 42 : gimp (2026-bda4a20a3c)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bda4a20a3c advisory. This is an upstream bugfix and security update. Please refer to the upstream release notes for details about the changes in this version. Tenable has extract...

CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

Fedora: Security Advisory (FEDORA-2026-ebabb127fb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : gimp (2026-ebabb127fb)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ebabb127fb advisory. This is an upstream bugfix and security update. Please refer to the upstream release notes for details about the changes in this version. Tenable has extract...

CVE-2026-22990

CVE-2026-22990 affects the Linux kernel libceph component, where an overzealous BUG_ON in osdmap_apply_incremental() could misreact to a maliciously corrupted incremental osdmap epoch. The mitigation is to treat such an incongruent incremental osdmap as invalid rather than triggering a BUG. Conne...

SUSE-SU-2026:20089-1 Security update for alloy

This update for alloy fixes the following issues: Upgrade to version 1.12.1. Security issues fixed: - CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents bsc1251509. - CVE-2025-58190: golang.org/x/net/html: excessive memory consumption...

CVE-2023-53867

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50364: i2c: mux: reg: check return value after calling platformgetresource bsc1250083. CVE-2022-50368: drm/msm/dsi: fix memory corruption with too many bridge...

CVE-2025-68323 usb: typec: ucsi: fix use-after-free caused by uec->work

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec-work The delayed work uec-work is scheduled in gaokunucsiprobe but never properly canceled in gaokunucsiremove. This creates use-after-free scenarios where the ucsi and gaokunucs...

EUVD-2023-60093

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

PT-2025-49308

Name of the Vulnerable Software and Affected Versions Strimzi versions 0.47.0 through 0.49.0 Description Strimzi allows running an Apache Kafka cluster on Kubernetes or OpenShift. Versions from 0.47.0 up to 0.49.0 incorrectly create a Kubernetes Role. This role grants Apache Kafka Connect and...

SUSE-SU-2025:21179-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1234863. - CVE-2024-57891: schedext: Fix invalid irq restore in...

Fedora 43 : Thunar (2025-7a1a0e5bd8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7a1a0e5bd8 advisory. Update to 4.20.6, the latest stable bugfix release. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora: Security Advisory (FEDORA-2025-210aed9692)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-6790

Malicious code in bioql PyPI...

EUVD-2024-0122

Malicious code in bioql PyPI...

SUSE-SU-2025:03383-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50116: kernel: tty: ngsm: fix deadlock and link starvation in outgoing data path bsc1244824. - CVE-2024-53177: smb: prevent use-after-free due to...

UBUNTU-CVE-2025-39885

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FSIOCFIEMAP of the extent list on a specially crafted mmap file. contextswitch kernel/sched/core.c:5357 inline...

SUSE CVE-2025-39864

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmpbss Following bssfree quirk introduced in commit 776b3580178f "cfg80211: track hidden SSID networks properly", adjust cfg80211updateknownbss to free the last beacon frame elements only if...

Fedora 43 : forgejo (2025-210aed9692)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-210aed9692 advisory. This is an upstream bugfix release. Please refer to the upstream release notes for details about changes in this version. Tenable has extracted the preceding...