4242 matches found
MiracleLinux 4 : ntp-4.2.6p5-12.1.0.1.AXS4 (AXSA:2017-2400:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2400:02 advisory. Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000748)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000748 advisory. The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001009)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001009 advisory. The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of servic...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004264)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004264 advisory. Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging imprope...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application to CVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...
runc: container escape via 'masked path' abuse due to mount race conditions
A flaw was found in runc. This flaw exploits an issue with how masked paths are implemented in runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...
SUSE CVE-2025-68813
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path. The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_dst() when ipv4_link_failure() attempts t...
CVE-2025-68813
A NULL pointer dereference vulnerability was found in the Linux kernel's IPVS (IP Virtual Server) implementation. In __ip_vs_get_out_rt(), when route lookup fails, dst_link_failure() is called with skb->dev set to NULL. The subsequent call chain through ipv4_link_failure() to fib_compute_spec_dst() dereferences skb->dev,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003483 advisory. Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of servic...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003370)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003370 advisory. The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002568)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002568 advisory. Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002138)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002138 advisory. The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service system...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003130)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003130 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002415 advisory. sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001783 advisory. The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of servic...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002522)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002522 advisory. The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local use...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001908)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001908 advisory. The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service system...