Ubuntu 24.04 LTS / 25.10 : Linux kernel (Azure) vulnerabilities (USN-8310-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8310-1 advisory. It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: blk-iolatency: Fixed imbalances in the number of in-flight IO operations and issues with hanging during offline conditions. iolatency needs to track the number of in-flight IO operations per cgroup. Since this tracking can be...
CVE-2026-43323
A flaw was found in the Linux kernel. Incorrect tracking of virtual runtime (zero_vruntime) in the scheduler's fair scheduling component can occur under specific conditions, such as when tasks frequently yield or when multiple control groups (cgroups) are active. This can lead to the scheduler's...
PT-2026-38974
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zero_vruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zero_vruntime tracking". The combination of yield and...
Astra Linux - vulnerability in linux-5.15, linux-6.1
A flaw was discovered in the filelock_init function in the fs/locks.c file within the Linux kernel. This issue can lead to host memory exhaustion, as memcg does not limit the number of POSIX file locks that can be created...
Astra Linux - vulnerability in linux, linux-5.10
A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-007026)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007026 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10:...
[SECURITY] Fedora 44 Update: systemd-259.5-1.fc44
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
[SECURITY] Fedora 44 Update: systemd-259.3-1.fc44
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
Exploit for Improper Authentication in Linux Linux_Kernel
Reproducing CVE-2022-0492 Advanced Ethical Hacking Project !...
MiracleLinux 8 : kernel-4.18.0-348.20.1.el8_5 (AXSA:2022-3099:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3099:05 advisory. kernel: improper initialization of the flags member of the new pipe_buffer (CVE-2022-0847) kernel: Use After Free in unix_gc which could result in a loc...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001478)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001478 advisory. An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less...
PT-2025-53973
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In [0], we added the ability to bpf_prog_attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF_LSM_CGROUP, we return too earl...
CVE-2023-53823 block/rq_qos: protect rq_qos apis with a new lock
In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e "block: disable the elevator int del_gendisk" move rq_qos_exit from disk_release to del_gendisk, this will introduce some problems: 1) If rq_qos_add is triggered by...
CVE-2023-53522
In the Linux kernel, the following vulnerability has been resolved: cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex syzbot is reporting circular locking dependency between cpu_hotplug_lock and freezer_mutex, for commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" replaced atomici...
CVE-2023-53169
CVE-2023-53169 concerns the Linux kernel resctrl path (x86/resctrl) where the rdt_domain’s staged_config[] was not cleared before/after use, allowing stale values to cause an MSR access error (WRMSR to 0xca0) when creating resource groups under CDP. The report describes resctrl_arch_update_domain...
Cyber Security Educational Games for Children: a Systematic Literature Review
Educational games have been widely used to teach children about cyber security. This systematic literature review reveals evidence of positive learning outcomes, after analysing 91 such games reported in 68 papers published between 2010 and 2024. However, critical gaps have also been identified...
Linux Distros Unpatched Vulnerability : CVE-2021-20194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y ,...
Linux Distros Unpatched Vulnerability : CVE-2025-21861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate th...
Linux Distros Unpatched Vulnerability : CVE-2022-0492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the Linux kernel's cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allow...