Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Fuse: Abort on fatal signal during sync init When sync init is used and the server exits for some reason e.g., error, crash, the filesystem creation will hang during the processing of FUSEINIT. The reason for this issue is that...

Astra Linux – Vulnerability in Linux

A issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, also known as CID-5d069dbe8aaf. The fusedogetattr function calls makebadinode in inappropriate situations, causing a system crash. NOTE: The original fix for this vulnerability was incomplete, and its...

Astra Linux – Vulnerability in glusterfs

In Gluster GlusterFS 11.0, there is a stack-based buffer over-read issue in xlators/mount/fuse/src/fuse-bridge.c...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1817)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1817 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved:...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-121 (ALASKERNEL-5.10-2026-121)

The version of kernel installed on the remote host is prior to 5.10.257-254.1015. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-121 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update CVE-2026-23171 In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refaul...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap CVE-2025-40307 In the...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1816)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1816 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update CVE-2026-23171 In the Linux kernel, the following...

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2132)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

CVE-2026-45252

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

OESA-2026-2557 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: 'This vulnerability was fixed in Kata Containers 3.31.0:', 'Description:\n\nIn the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd\nas root with --sandbox none --seccom...

Linux Distros Unpatched Vulnerability : CVE-2026-48711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - sshfs-fuse - None Ubuntu Linux - Unknown description CVE-2026-48711 Note that Nessus relies on the presence of the package as reported by the...

Linux Distros Unpatched Vulnerability : CVE-2026-47187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - sshfs-fuse - None Ubuntu Linux - Unknown description CVE-2026-47187 Note that Nessus relies on the presence of the package as reported by the...

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: zot, docker-cli-buildx, chartmuseum, opa, consul-k8s, zarf, k8ssandra-client, wolfictl, opa-envoy, kubescape, gogatekeeper, newrelic-infrastructure-agent, gatekeeper, rancher, helm-operator, docker-compose, dagger, tw, k3s, helm, fuse-overlayfs-snapshotter,...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: kube-arangodb-fips, packer-fips, kaniko, kots, kube-mgmt, tigera-operator, wolfictl, neuvector-fips, chainctl, chainctl-fips, kubescape-server-fips, ctop, docker, manifest-tool, buildkitd-fips, kaniko-fips, helm-operator, k3s, helm, docker-cli-buildx-fips,...

CVE-2026-45252

CVE-2026-45252 : In fusefs, when extended attributes are queried via FUSE_LISTXATTR, the kernel may call strlen() on a daemon-provided buffer without ensuring the list is fully NUL-terminated. If the list is not NUL-terminated, the fusefs kernel module may read past the end of a heap buffer and p...

CVE-2026-45252 Heap overflow in FUSE_LISTXATTR

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

EUVD-2026-31254

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...