
22 matches found

CVE
added 6 days ago | 9 views

CVE-2025-41269

The CVE-2025-41269 entry describes a remote OS Command Injection (CWE-78) affecting Waterfall WF-500 Series controllers: Console WebUI on TX/RX Hosts, version 7.9.1.0 R2502171040. Root cause is improper neutralization of special elements in the OS command execution path, permitting remote unauthe...

CVSS 9.8 | AI score 6.1 | EPSS 0.00261
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010950 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty(). When specifying an invalid console= device li...

AI score 5.7 | EPSS 0.00034
Exploits 0 | References 4
RedHat Linux
added 2026/03/12 8:57 p.m. | 4 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application to CVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

CVSS 8.4 | AI score 5.7 | EPSS 0.00026
Exploits 1 | References 5
Tenable Nessus
added 2025/12/31 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: fix out-of-bounds access in tty_driver_lookup_tty(). When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct...

AI score 6.1 | EPSS 0.00034
Exploits 0 | References 3
NVD
added 2025/12/30 1:16 p.m. | 1 view

CVE-2023-54198

In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty(). When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether index is a valid number. To reproduce:...

EPSS 0.00034
Exploits 0 | References 8
Cvelist
added 2025/12/30 12:9 p.m. | 19 views

CVE-2023-54198 tty: fix out-of-bounds access in tty_driver_lookup_tty()

In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty(). When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether index is a valid number. To reproduce:...

EPSS 0.00034
Exploits 0 | References 8
CVE
added 2025/12/30 12:9 p.m. | 5 views

CVE-2023-54198

CVE-2023-54198 is a Linux kernel vulnerability in the tty subsystem. The issue is described as an out-of-bounds access in tty_driver_lookup_tty(), where an invalid console= device (e.g., console=tty3270) leads to tty being returned without validating the index, causing a NULL pointer dereference ...

AI score 6 | EPSS 0.00034
Exploits 0 | References 8
Positive Technologies
added 2025/12/30 12:0 a.m. | 1 view

PT-2025-54027

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the tty driver lookup tty function that can lead to an out-of-bounds access. This occurs when an invalid console device is specified, such as...

CVSS 7.8 | AI score 6.2 | EPSS 0.00249
Exploits 2 | References 900
OSV
added 2025/11/21 6:13 p.m. | 2 views

RLSA-2025:20957 Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

CVSS 8.2 | AI score 6.8 | EPSS 0.00026
Exploits 4 | References 4
SUSE Linux
added 2025/11/12 12:48 p.m. | 6 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...

CVSS 7.8 | AI score 6.9 | EPSS 0.00026
Exploits 4 | References 10
CNNVD
added 2025/11/06 12:0 a.m. | 2 views

runc security vulnerability

runc is an Open Container Initiative open source CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, which...

CVSS 8.4 | AI score 6.2 | EPSS 0.00026
Exploits 1 | References 11
Snyk
added 2025/11/05 5:34 p.m. | 1 view

Race Condition Enabling Link Following

Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...

CVSS 8.4 | AI score 7.1 | EPSS 0.00026
Exploits 1 | References 3
Snyk
added 2025/11/05 5:34 p.m. | 2 views

Race Condition Enabling Link Following

Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...

CVSS 8.4 | AI score 7.1 | EPSS 0.00026
Exploits 1 | References 3
Positive Technologies
added 2025/11/04 12:0 a.m. | 2 views

PT-2025-45373

Name of the Vulnerable Software and Affected Versions runc versions 1.0.0-rc3 through 1.2.7 runc versions 1.3.0-rc.1 through 1.3.2 runc versions 1.4.0-rc.1 through 1.4.0-rc.2 Description Insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside a container allow an attacker to tri...

CVSS 8.4 | AI score 6.7 | EPSS 0.00026
Exploits 1 | References 158
OSV
added 2025/07/25 3:27 p.m. | 2 views

CVE-2025-38467 drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling. If there's support for another console device such as a TTY serial, the kernel occasionally panics during boot. The panic message and a relevant snippet of the call...

CVSS 5.5 | AI score 6.2 | EPSS 0.00066
Exploits 0 | References 13
Veracode
added 2020/04/10 12:16 a.m. | 26 views

Privilege Escalation

Pluggable Authentication Modules PAM is vulnerable to Privilege Escalation. A flaw was found in the way pam_console set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to another local...

CVSS 3.4 | AI score 4.9 | EPSS 0.00075
Exploits 0 | References 20 | Affected Software 1
Tenable Nessus
added 2013/06/29 12:0 a.m. | 21 views

CentOS 4 : pam (CESA-2007:0737)

Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

CVSS 4.3 | AI score 6.4 | EPSS 0.02629
Exploits 0 | References 3
Cent OS
added 2007/11/15 5:15 p.m. | 70 views

pam security update

CentOS Errata and Security Advisory CESA-2007:0737 Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team...

CVSS 4.3 | AI score 6.5 | EPSS 0.02629
Exploits 0 | References 8
RedHat Linux
added 2007/11/15 1:32 p.m. | 36 views

Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update

Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

CVSS 4.3 | AI score 6.5 | EPSS 0.02629
Exploits 0 | References 5
RedHat Linux
added 2007/11/07 9:0 a.m. | 49 views

Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update

Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

CVSS 4.3 | AI score 6.5 | EPSS 0.02629
Exploits 0 | References 11