23 matches found

Tenable Nessus
added 2026/05/04 12:0 a.m. · 1 views

RHCOS 4 : OpenShift Container Platform 4.15.44 (RHSA-2025:0648)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0648 advisory. - cri-o: Checkpoint restore can be triggered from different namespaces (CVE-2024-8676) Note that Nessus has not tested for this issue but has...

CVSS 7.4 · AI score 7.1 · EPSS 0.0031
Exploits 0 · References 5

Tenable Nessus
added 2026/01/15 12:0 a.m. · 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002973 advisory. The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, whic...

CVSS 5.5 · AI score 6.7 · EPSS 0.12859
Exploits 8 · References 18

OpenVAS
added 2025/12/02 12:0 a.m. · 1 views

Ubuntu: Security Advisory (USN-7900-1)

The remote host is missing an update for the...

CVSS 7.5 · AI score 7.8 · EPSS 0.00068
Exploits 0 · References 3

Tenable Nessus
added 2025/08/12 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-18344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field,...

CVSS 5.5 · AI score 6.5 · EPSS 0.12859
Exploits 8 · References 2

RedHat Linux
added 2025/03/04 5:29 p.m. · 1 views

cri-o: Checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

CVSS 7.4 · AI score 5.8 · EPSS 0.0031
Exploits 0 · References 4

RedHat Linux
added 2025/03/04 5:29 p.m. · 7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.2 packages and security update

Red Hat OpenShift Container Platform release 4.18.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CVSS 8.6 · AI score 7.1 · EPSS 0.0031
Exploits 0 · References 3

RedHat Linux
added 2025/01/29 7:23 p.m. · 2 views

cri-o: Checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

CVSS 7.4 · AI score 5.8 · EPSS 0.0031
Exploits 0 · References 4

RedHat Linux
added 2024/12/12 12:57 a.m. · 1 views

cri-o: Checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

CVSS 7.4 · AI score 5.8 · EPSS 0.0031
Exploits 0 · References 4

Veracode
added 2024/12/09 10:27 a.m. · 9 views

Improper Authorization

github.com/cri-o/cri-o is vulnerable to Improper Authorization. The vulnerability is due to insufficient validation during container restoration, allowing a malicious user to restore a pod without proper access to host mounts by exploiting the checkpoint restore process...

CVSS 7.4 · AI score 6.6 · EPSS 0.0031
Exploits 0 · References 10 · Affected Software 1

OSV
added 2024/11/26 8:15 p.m. · 1 views

AZL-53540 CVE-2024-8676 affecting package cri-o 1.30.1-1

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

CVSS 7.4 · AI score 5.8 · EPSS 0.0031
Exploits 0 · References 1

Cvelist
added 2024/11/26 7:15 p.m. · 14 views

CVE-2024-8676 Cri-o: checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

CVSS 7.4 · EPSS 0.0031
Exploits 0 · References 8

Spring Engineering
added 2023/10/16 12:0 a.m. · 18 views

Runtime efficiency with Spring (today and tomorrow)

With Spring Framework 6.1 and Spring Boot 3.2 general availability approaching, we would like to share an overview about several efforts the Spring team is pursuing to allow developers to optimize the runtime efficiency of their applications. We are going to cover the following technologies and u...

AI score 6.6
Exploits 0

Rockylinux
added 2023/08/31 4:55 p.m. · 22 views

criu bug fix and enhancement update

An update is available for criu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The criu packages provide the Checkpoint/Restore in User Space (CRIU) function,...

AI score 6.7
Exploits 0

SUSE CVE
added 2023/02/15 4:35 a.m. · 3 views

SUSE CVE-2017-18344

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function called when /proc/$PID/timers is read. This allows userspace applications ...

CVSS 7.1 · AI score 6.3 · EPSS 0.12859
Exploits 8 · References 23

Rockylinux
added 2022/05/17 7:43 a.m. · 11 views

jigawatts bug fix and enhancement update

An update is available for jigawatts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Jigawatts is a new package introduced in Rocky Linux 8.5 & 9.0 to facilitat...

AI score 2.5
Exploits 0

Oracle linux
added 2019/02/11 12:0 a.m. · 86 views

runc security update

1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...

CVSS 9.3 · AI score 0.4 · EPSS 0.59178
Exploits 33

OSV
added 2018/07/26 7:29 p.m. · 1 views

DEBIAN-CVE-2017-18344

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function called when /proc/$PID/timers is read. This allows userspace applications ...

CVSS 5.5 · AI score 6.2 · EPSS 0.12859
Exploits 8 · References 1

OSV
added 2018/07/26 12:0 a.m. · 0 views

UBUNTU-CVE-2017-18344

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function called when /proc/$PID/timers is read. This allows userspace applications ...

CVSS 5.5 · AI score 6.8 · EPSS 0.12859
Exploits 8 · References 7

Positive Technologies
added 2017/12/21 12:0 a.m. · 5 views

PT-2018-6841 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.8. Description: The issue arises from improper validation of the sigevent->sigev_notify field in the timer_create syscall implementation. This leads to out-of-bounds access when the show_timer function is...

CVSS 8.4 · AI score 7.6 · EPSS 0.9427
Exploits 84 · References 768

CNVD
added 2016/06/08 12:0 a.m. · 1 views

CRIU Information Disclosure Vulnerability

CRIU (Checkpoint/Restore In Userspace) is a set of Linux userspace tools that implement checkpoint/restore, freezing and restoring the execution of software. The tool supports freezing or partially freezing the execution of an application and saving its executi...

CVSS 5.5 · AI score 6.5 · EPSS 0.0006
Exploits 0 · References 1