Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

UBUNTU-CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

CVE-2026-43492

CVE-2026-43492 affects the Linux kernel crypto stack: mpi_read_raw_from_sgl() can underflow when subtracting lzeros from nbytes if an all-zero scatterlist is used, leading to a DoS with soft lockups. The vulnerability is triggered via KEYCTL_PKEY_ENCRYPT paths that create an all-zero scatterlist ...

luksmeta: Data corruption when handling LUKS1 partitions with luksmeta

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

ALSA-2026:19173 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service...

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

ALSA-2026:19186 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

RHEL 9 : podman (RHSA-2026:19173)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19173 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

ALSA-2026:18421 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

Taking Cryptography out of the Data Path Via Near-Memory Processing in DRAM

Cryptographic algorithms such as AES-128 and SHA-256 are fundamental to ensuring data security and integrity. Although these algorithms are computationally efficient, their performance is often constrained by the processor-centric architectures e.g., CPUs, GPUs, primarily due to the memory...

ALSA-2026:18824 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

SUSE SLES15 Security Update : kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1877-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1877-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.136 fixes one security issue The following security issue was fixed: - CVE-2026-4328...

Apache OFBiz 安全漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained security vulnerabilities, which were caused by the use of hard-coded...

ALSA-2026:19017 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679...

ALSA-2026:19353 Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path...

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service...

RHEL 10 : podman (RHSA-2026:19017)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19017 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...

MongoDB 7.0.x < 7.0.34 / 8.0.x < 8.0.23 / 8.2.x < 8.2.9 / 8.3.x < 8.3.2 Multiple Vulnerabilities (SERVER-122032 / SERVER-122449)

The version of MongoDB installed on the remote host is 7.0 prior to 7.0.34, 8.0 prior to 8.0.23, 8.2 prior to 8.2.9, or 8.3 prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - An authenticated user can cause excess memory usage via bitwise match expression AST processing of...