MiracleLinux 9 : rear-2.6-21.el9_3.ML.1 (AXSA:2024-7585:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7585:02 advisory. rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000772 advisory. Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002218)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002218 advisory. Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows...

EUVD-2023-60474

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

CVE-2023-54167

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

UBUNTU-CVE-2023-54167

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

CVE-2023-54167 m68k: mm: Move initrd phys_to_virt handling after paging_init()

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

[SECURITY] [DLA 4400-1] rear security update

Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 10, 2025 https://wiki.debian.org/LTS Package : rear Version : 2.6+dfsg-1+deb11u1 CVE ID : CVE-2024-23301 Debian Bug : 1060747 It has been discovered that Relax-and-Recover aka...

Debian dla-4400 : rear - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4400 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/...

SUSE-SU-2025:4305-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 - CVE-2025-61662: Fixed missing unregister call...

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 CVE-2025-61661: Fixed out-of-bounds write in...

SUSE-SU-2025:4196-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 - CVE-2025-54771: Fixed rubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-61661: Fixed out-of-bounds write in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

EUVD-2025-10983

Malicious code in bioql PyPI...

EUVD-2024-20820

Malicious code in bioql PyPI...

[slackware-security] kernel

New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/kernel-firmware-20250912f0f4634-noarch-1.txz: Upgraded. patches/packages/linux-5.15.193/kernel-generic-5.15.193-i586-1.txz: Upgraded...

CVE-2025-32438

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

CVE-2025-32438

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

CVE-2025-32438 Local privilege escalation in make-initrd-ng

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

CVE-2025-32438

CVE-2025-32438 affects make-initrd-ng used on NixOS. A local user can escalate privileges by exploiting shutdown behavior when systemd.shutdownRamfs.enable is on (default). A program created by a low-privilege user can be executed by root during system shutdown, enabling total impact on confident...