CLSA-2026-1777286373 binutils: Fix of 5 CVEs

CVE-2025-11082: fix heap buffer overflow in bfdelfparseehframe - CVE-2025-5244: fix NULL deref in elfgcsweep for empty SECGROUP - CVE-2025-5245: fix SEGV in debugtypesamep / debugwritetype - CVE-2025-7545: fix heap buffer issue in objcopy copysection - CVE-2025-7546: fix corrupted group section...

SUSE CVE-2026-31528

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups Oliver reported that x86pmudel ended up doing an out-of-bound memory access when groupschedin fails and needs to roll back. This should be handled by the transaction callbacks, but he...

CVE-2026-31528 perf: Make sure to use pmu_ctx->pmu for groups

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups Oliver reported that x86pmudel ended up doing an out-of-bound memory access when groupschedin fails and needs to roll back. This should be handled by the transaction callbacks, but he...

PT-2026-34433

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmu ctx-pmu for groups Oliver reported that x86 pmu del ended up doing an out-of-bound memory access when group sched in fails and needs to roll back. This should be handled by the transaction callbacks, bu...

CLSA-2026-1776331045 binutils: Fix of 5 CVEs

CVE-2025-11082: fix heap buffer overflow in bfdelfparseehframe - CVE-2025-5244: fix NULL deref in elfgcsweep for empty SECGROUP - CVE-2025-5245: fix SEGV in debugtypesamep / debugwritetype - CVE-2025-7545: fix heap buffer issue in objcopy copysection - CVE-2025-7546: fix corrupted group section...

OpenSSL 3.6.0 < 3.6.2 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.2 advisory. - Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group...

OESA-2026-1588 libX11 security update

Core X11 protocol client library. Security Fixes: A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of...

UBUNTU-CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

OESA-2025-1073 podman security update

Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in...

OESA-2025-1059 buildah security update

The package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a new image...

USN-6536-1: Linux kernel vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

MGASA-2023-0245 Updated docker-containerd packages fix security vulnerability

Memory leak. CVE-2022-23471 Denial of service with maliciously crafted image with a large file CVE-2023-25153 Security bypass due to improper supplementary group handling. CVE-2023-25173...

Information disclosure

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

SUSE-SU-2018:3815-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api bsc1113698. - CVE-2018-15751: Fixed remote authentication bypass in salt-apinetapi that allows to execute arbitrary commands bsc1113699. Non-security issue...

Ubuntu: Security Advisory (USN-2000-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-2653

arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon...

Ubuntu USN-722-1 (sudo)

The remote host is missing an update to sudo announced via advisory USN-722-1. OpenVAS Vulnerability Test $Id: ubuntu7221.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7221.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-722-1 sudo Authors: Thomas Reinke...

sudo: incorrect handling of groups in Runas_User

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group aka %group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command...

Debian Security Advisory DSA 154-1 (fam)

The remote host is missing an update to fam announced via advisory DSA 154-1. OpenVAS Vulnerability Test $Id: deb1541.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 154-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-154)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...