Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. File system bugs due to corrupted images are not considered a CVE for any filesystem that can only be mounted with CAPSYSADMIN in the initial user namespace. This includes delegated mounting...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002107 advisory. The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have...

RockyLinux 10 : kernel (RLSA-2025:23279)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23279 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...

SUSE-SU-2025:20889-1 Security update for kernel-livepatch-MICRO-6-0_Update_10

This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: - CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 - CVE-2025-38678: netfilter: nftables:...

Security update for kernel-livepatch-MICRO-6-0_Update_9

This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_10

This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...

SUSE-SU-2025:20915-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7

This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue...

Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

SUSE-SU-2025:20877-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_8

This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue...

Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414561 advisory. In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket...

perf: Revert to requiring CAP_SYS_ADMIN for uprobes

...

Linux Distros Unpatched Vulnerability : CVE-2025-38499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a moun...

UBUNTU-CVE-2025-38499

In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...

PT-2025-20343

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, requiring CAP SYS ADMIN for all usages of TIOCL SELMOUSEREPORT. The previous patch had inconsistent logic, and TIOCL SELMOUSEREPORT...

SUSE CVE-2025-0927

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAPSYSADMIN in the initial user namespace. That includes delegated mounting...

SUSE CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...