SUSE CVE-2024-50010
In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check. Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two...
CVE-2022-48983 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb(). Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in io_tctx_exit_cb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
CVE-2024-50010 exec: don't WARN for racy path_noexec check
In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check. Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two...
CVE-2024-50010
CVE-2024-50010 affects the Linux kernel’s exec path checks. The issue is a race in the path_noexec (and i_mode) checks that led to spurious WARN_ON warnings when noexec is toggled, rather than a real permission failure. The fix removes the redundant path_noexec WARN and updates commentary; no exp...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a warning issue with the racy path_noexec check during exec...
Brocade SANnav Vulnerability Disclosures
Brocade Security Advisories posted on March 3, 2026. CVEs addressed in SANnav 3.0.0: CVE-2025-53905, CVE-2025-53906 Path traversal issues in Vim's tar.vim and zip.vim plugins PSIRT Risk: Low https://support.broadcom.com/external/content/SecurityAdvisories/0/37152 CVE-2025-26465 OpenSSH security upda...
Command Injection
ggit is vulnerable to Command Injection. The vulnerability is due to user input being concatenated with a git command, which is then passed to the unsafe exec Node.js child process API. It allows an attacker to inject arbitrary commands...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12780)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12780 advisory. - VMCI: Fix use-after-free when removing resource in vmci_resource_remove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12782)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12782 advisory. - VMCI: Fix use-after-free when removing resource in vmci_resource_remove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...
CVE-2024-43549
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability...
CVE-2024-38265
CVE-2024-38265 is a Windows RRAS remote code execution vulnerability. The connected documents confirm RRAS is affected and indicate this CVE can lead to remote code execution over the network, with a highly elevated impact (NCSC lists 8.80, Execute random code). The initial metrics show CVSSv3.1:...
CVE-2024-21532
All versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, which allows user input to specify the branch to be fetched and then concatenates this string along with a git command which is then passed to the unsafe exec Node.js child process API...
kernel: Fix of 13 CVEs
btrfs: fix use-after-free after failure to create a snapshot CVE-2022-48733 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes CVE-2024-46757 - wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - netfilter: conntrack: dccp: copy entire...
CLSA-2024-1728297376 kernel: Fix of 13 CVEs
btrfs: fix use-after-free after failure to create a snapshot CVE-2022-48733 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes CVE-2024-46757 - wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - netfilter: conntrack: dccp: copy entire...
PT-2024-18946
Name of the Vulnerable Software and Affected Versions: ggit versions all. Description: The issue concerns Command Injection via the fetchTags(branch) API, which allows user input to specify the branch to be fetched. This input is then concatenated with a git command and passed to the unsafe exec Node....
CLSA-2024-1727817133 Fix of 74 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...
CLSA-2024-1727690947 kernel: Fix of 80 CVEs
sch/netem: fix use after free in netem_dequeue CVE-2024-46800 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove CVE-2024-46738 - drm/amdgpu: Fix out-of-bounds write warning CVE-2024-46725 - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number CVE-2024-46724 - drm/amdgpu:...
CVE-2024-46826 ELF: fix kernel.randomize_va_space double read
In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read. ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly on...
Exploit for Code Injection in Spx Spx_Graphics_Controller
CVE-2024-44623 In SPX-GC...
Important: Red Hat Security Advisory: bubblewrap and flatpak security update
An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...