26 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m. | 3 views

RHCOS 4 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. - cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied t...

CVSS 9 | AI score 7.7 | EPSS 0.2378
Exploits: 0 | References: 6

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copy_from_kernel_nofault() can be called when doing read of /proc/kcore. /proc/kcore can have some unmapped kfence objects which when read via copy_from_kernel_nofault() can cause page...

CVSS 7.8 | AI score 6.5 | EPSS 0.00013
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/15 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003496 advisory. The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial...

CVSS 7.8 | AI score 7.6 | EPSS 0.00162
Exploits: 0 | References: 6

SUSE CVE
added 2025/12/25 12:57 a.m. | 4 views

SUSE CVE-2023-54003

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry reference leak reported while releasing GID table...

CVSS 3.3 | AI score 6.5 | EPSS 0.00046
Exploits: 0 | References: 7

Tenable Nessus
added 2025/12/04 12:0 a.m. | 4 views

Oracle Linux 9 : systemd (ELSA-2025-22660)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22660 advisory. - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

CVSS 4.7 | AI score 6 | EPSS 0.00112
Exploits: 1 | References: 2

OSV
added 2025/11/06 8:2 p.m. | 1 views

CVE-2025-52565 container escape due to /dev/console mount and related races

runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container, an attacker can...

CVSS 8.4 | AI score 6.7 | EPSS 0.00026
Exploits: 1 | References: 11

RedHat Linux
added 2025/10/29 12:20 a.m. | 2 views

kernel: HID: core: Harden s32ton() against conversion to 0 bits

In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...

CVSS 7.1 | AI score 5.7 | EPSS 0.00023
Exploits: 0 | References: 5

OSV
added 2025/10/01 11:45 a.m. | 3 views

CVE-2022-50457 mtd: core: Fix refcount error in del_mtd_device()

In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in del_mtd_device() del_mtd_device() will call of_node_put() to mtd_get_of_node(mtd), which is mtd->dev.of_node. However, memset(&mtd->dev, 0) is called before of_node_put(). As the result, of_node_put() won't do anything in...

CVSS 5.5 | AI score 6.4 | EPSS 0.00013
Exploits: 0 | References: 6

Tenable Nessus
added 2025/09/17 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2023-53326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc: Don't try to copy PPR for task with NULL pt_regs powerpc sets up PF_KTHREAD and PF_IO_WORKER with a NULL pt_regs, which from my arguably very short checking...

CVSS 5.5 | AI score 6 | EPSS 0.00021
Exploits: 0 | References: 3

CVE
added 2025/09/04 3:32 p.m. | 14 views

CVE-2025-38682

The CVE-2025-38682 entry details a Linux kernel vulnerability in i2c core: i2c_unregister_device() could double-free a fwnode when the i2c_client has a software-node as its primary fwnode. The root cause was unconditional fwnode_handle_put() on the i2c_client, which, if a software fwnode is prima...

CVSS 7.8 | AI score 5.9 | EPSS 0.00029
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2025/08/31 12:0 a.m. | 4 views

RHEL 8 : kernel (RHSA-2025:14742)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14742 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net_sched: hfsc: Fix a UAF...

CVSS 7.8 | AI score 7 | EPSS 0.00092
Exploits: 3 | References: 18

OSV
added 2025/08/16 11:46 a.m. | 1 views

SUSE-SU-2025:20597-1 Security update for systemd

This update for systemd fixes the following issues: - Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations (bsc#1247074) The script was introduced more than 7 years ago and all systems running TW...

CVSS 4.7 | AI score 5.8 | EPSS 0.00112
Exploits: 1 | References: 5

SUSE Linux
added 2025/06/12 7:37 a.m. | 1 views

Security update for systemd

This update for systemd fixes the following issues: - coredump: use %d in kernel core pattern (CVE-2025-4598) - Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific) - umount: do not move busy network mounts (bsc#1236177) - man/pstore.conf: pstore.conf template is not alway...

CVSS 4.7 | AI score 7.2 | EPSS 0.00112
Exploits: 1 | References: 10

OSV
added 2025/06/12 7:31 a.m. | 1 views

SUSE-SU-2025:20416-1 Security update for systemd

This update for systemd fixes the following issues: - coredump: use %d in kernel core pattern (CVE-2025-4598) - Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific) - umount: do not move busy network mounts (bsc#1236177) - man/pstore.conf: pstore.conf template is n...

CVSS 4.7 | AI score 6.6 | EPSS 0.00112
Exploits: 1 | References: 6

Oracle linux
added 2025/05/29 12:0 a.m. | 13 views

systemd security update

239-82.0.4.5 - coredump: use %d in kernel core pattern - CVE-2025-4598...

CVSS 4.7 | AI score 7.2 | EPSS 0.00112
Exploits: 1

Oracle linux
added 2025/05/29 12:0 a.m. | 24 views

systemd security update

252-51.0.2 - coredump: use %d in kernel core pattern - CVE-2025-4598...

CVSS 4.7 | AI score 6.6 | EPSS 0.00112
Exploits: 1

OSV
added 2024/02/08 11:6 a.m. | 2 views

OESA-2024-1145 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function...

CVSS 6.2 | AI score 6.1 | EPSS 0.00011
Exploits: 0 | References: 2

OSV
added 2023/03/23 9:15 p.m. | 1 views

AZL-25740 CVE-2023-1249 affecting package kernel for versions less than 5.15.107.1-2

A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 "coredump: Use the vma snapshot in fill_files_note" not applied yet, then kernel could be affected...

CVSS 5.5 | AI score 6.7 | EPSS 0.00054
Exploits: 0 | References: 1

RedHat Linux
added 2022/03/23 9:51 a.m. | 1 views

CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

CVSS 9 | AI score 6.2 | EPSS 0.2378
Exploits: 0 | References: 5

RedHat Linux
added 2022/03/22 5:31 p.m. | 0 views

CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

CVSS 9 | AI score 6.2 | EPSS 0.2378
Exploits: 0 | References: 5