Lucene search
+L

28 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: Avoid NULL dereferencing on a zero-length gsstoken in gssreadproxyverf A zero-length gsstoken results in pageaddress being == 0, and intoken-pages0 being NULL. The code pageaddressintoken-pages0, which can lea...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References2
nessus
nessus
added 2026/04/14 12:0 a.m.11 views

SUSE SLES15 Security Update : kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1271-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1271-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: -...

7.8CVSS5.9AI score0.00344EPSS
Exploits7References25
osv
osv
added 2026/04/13 8:35 a.m.9 views

SUSE-SU-2026:1293-1 Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on...

7.8CVSS5.8AI score0.00204EPSS
Exploits0References11
osv
osv
added 2026/04/11 4:34 p.m.4 views

SUSE-SU-2026:1270-1 Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not...

7.8CVSS6.1AI score0.00204EPSS
Exploits0References9
osv
osv
added 2026/04/10 5:35 p.m.4 views

SUSE-SU-2026:1259-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.42 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

7.8CVSS5.8AI score0.00344EPSS
Exploits7References17
osv
osv
added 2026/04/10 8:4 a.m.3 views

SUSE-SU-2026:1244-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.16 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

7.8CVSS6.1AI score0.00344EPSS
Exploits7References17
osv
osv
added 2026/04/09 1:20 p.m.5 views

SUSE-SU-2026:21055-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

7.8CVSS5.8AI score0.00344EPSS
Exploits7References17
osv
osv
added 2026/04/09 8:48 a.m.3 views

SUSE-SU-2026:21009-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdpdesc validation bsc1253404. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken...

7.8CVSS5.8AI score0.00344EPSS
Exploits7References13
suse
suse
added 2026/04/08 4:4 p.m.4 views

Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-39973: i40e: add validation for ringlen param...

8.7CVSS6.6AI score0.00204EPSS
Exploits0References28
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : krb5-1.21.1-2.el9_4 (AXSA:2024-8746:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8746:04 advisory. krb5: GSS message token handling CVE-2024-37371 krb5: GSS message token handling CVE-2024-37370 Tenable has extracted the preceding description bloc...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References3
susecve
susecve
added 2026/01/17 12:25 a.m.7 views

SUSE CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

7.5CVSS6.7AI score0.0016EPSS
Exploits0References125
attackerkb
attackerkb
added 2026/01/14 3:6 p.m.3 views

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.3AI score0.0016EPSS
Exploits0References8Affected Software1
cnnvd
cnnvd
added 2026/01/14 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the length of the gsstoken, which could result in a null pointer dereference...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References5
nessus
nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: krb5 (UTSA-2025-986178)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986178 advisory. In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-36619

Malicious code in bioql PyPI...

9.1CVSS7.7AI score0.01863EPSS
Exploits0References2
nessus
nessus
added 2025/07/25 12:0 a.m.2 views

NewStart CGSL MAIN 7.02 : krb5 Multiple Vulnerabilities (NS-SA-2025-0147)

The remote NewStart CGSL host, running version MAIN 7.02, has krb5 packages installed that are affected by multiple vulnerabilities: - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid leng...

9.1CVSS7.4AI score0.01863EPSS
Exploits2References9
nessus
nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: krb5 (TSSA-2024:0438)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0438 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References3
nessus
nessus
added 2025/02/26 12:0 a.m.32 views

RockyLinux 8 : mysql:8.0 (RLSA-2025:1673)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1673 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

9.1CVSS7.4AI score0.17301EPSS
Exploits3References99
nessus
nessus
added 2025/02/20 12:0 a.m.41 views

AlmaLinux 8 : mysql:8.0 (ALSA-2025:1673)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1673 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

9.1CVSS7.4AI score0.17301EPSS
Exploits3References51
astralinux
astralinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the loop termination condition in gssfreeintokenpages. The intoken-pages array is not NULL-terminated. This results in the following KASAN issue: KASAN: Potential wild-memory-access in the range...

5.5CVSS6.3AI score0.00269EPSS
Exploits0References3
Rows per page
Query Builder