CVE-2026-39461

The CVE-2026-39461 issue affects libcasper(3), which communicates with helper processes over UNIX domain sockets and uses select(2) to wait for data. The problem is that it does not verify that its socket descriptor fits within FD_SETSIZE (1024), potentially allowing an application that opens man...

FreeBSD Security Advisory - FreeBSD-SA-26:22.libcasper

FreeBSD Security Advisory - libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024...

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

EUVD-2026-26356

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

CVE-2026-39457

CVE-2026-39457 concerns the libnv library. The issue arises when exchanging data over a socket: libnv uses select(2) but does not verify that the socket descriptor fits within FD_SETSIZE (1024). This can allow an attacker to cause stack corruption by forcing a process to allocate many file descri...

FreeBSD Security Advisory - FreeBSD-SA-26:16.libnv

FreeBSD Security Advisory - When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024...

SUSE-SU-2025:21064-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by...

SUSE-SU-2025:4140-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:4128-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4128-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues The following security issue...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

SUSE-SU-2025:21040-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missi...

Unbreakable Enterprise kernel security update

5.4.17-2136.348.3.1 - i40e: add validation for ringlen param Lukasz Czapnik Orabug: 38604168 CVE-2025-39973 - i40e: increase max descriptors for XL710 Justin Bronder Orabug: 38604168 CVE-2025-39973...

EUVD-2025-34599

In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ringlen param The ringlen parameter provided by the virtual function VF is assigned directly to the hardware memory context HMC without any validation. To address this, introduce an upper boundary check f...

CVE-2025-39973

In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ringlen param The ringlen parameter provided by the virtual function VF is assigned directly to the hardware memory context HMC without any validation. To address this, introduce an upper boundary check f...

EUVD-2017-16657

Malware in sbrugna...

EUVD-2016-3626

Malware in sbrugna...

EUVD-2025-28956

Malicious code in bioql PyPI...

SUSE CVE-2004-0077

The domremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the domunmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different...

Denial Of Service (DoS)

xen is vulnerable to denial of service. The vulnerability exists because XAPI to be unable to accept new requests for other trusted clients which allows an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit...

Amazon Linux 2 : dbus (ALAS-2022-1870)

The version of dbus installed on the remote host is prior to 1.10.24-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1870 advisory. A flaw was found in dbus. The implementation of DBUSCOOKIESHA1 is susceptible to a symbolic link attack. A malicious client...