Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PowerPC: Do not attempt to copy PPR for tasks with NULL pt regs. PowerPC sets up PFKTHREAD and PFIOWORKER with a NULL pt regs, which, according to my arguably very brief checking, is not commonly done for other architectures. Thi...

RockyLinux 10 : systemd (RLSA-2026:18153)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18153 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

systemd security update

An update is available for systemd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux...

RockyLinux 9 : systemd (RLSA-2025:22660)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22660 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

RLSA-2025:22660 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Linux kernel 安全漏洞

The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a kernel bug in netfs when processing the ITERKVEC iterator. This bug may cause the core dum...

Linux Distros Unpatched Vulnerability : CVE-2026-31438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfs: Fix kernel BUG in netfslimititer for ITERKVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates ...

NewStart CGSL MAIN 7.02 : systemd Vulnerability (NS-SA-2026-0034)

The remote NewStart CGSL host, running version MAIN 7.02, has systemd packages installed that are affected by a vulnerability: - The systemd-coredump is prone to a kill-and-replace race condition which may allow a local attacker to gain sensitive information from crashed SUID processes...

MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004413)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004413 advisory. A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003048 advisory. In the flushtmregstothread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged...

MiracleLinux 9 : systemd-252-55.el9_7.7.ML.1 (AXSA:2025-11553:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11553:11 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992901 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc: Don't try to copy PPR for task with NULL ptregs powerpc sets up PFKTHREAD and PFIOWORKER...

RHEL 9 : systemd (RHSA-2025:22660)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22660 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

ALSA-2025:22660 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Linux Distros Unpatched Vulnerability : CVE-2025-64345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a...

CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

DEBIAN-CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

UBUNTU-CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

GHSA-HC7M-R6V8-HG9Q Wasmtime provides unsound API access to a WebAssembly shared linear memory

Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...