26 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990288)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990288 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the...
EUVD-2011-3505
Malware in sbrugna...
EUVD-2023-59129
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38563
In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first mapping is...
CVE-2025-21889
CVE-2025-21889 (Linux kernel) : The vulnerability resides in the perf subsystem where perf_iterate_ctx() traverses an RCU list without acquiring the RCU read lock, triggering lockdep warnings (and potential misuse) when perf probe runs with unshare(1) under CONFIG_PROVE_RCU_LIST=y. The issue has ...
CVE-2024-58086
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor v3d-activeperfmon is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, leaving the...
Siemens SIMATIC and SCALANCE Devices Out-of-bounds Write (CVE-2023-5717)
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...
kernel: perf: Fix event leak upon exec and file release
Linux kernel perf pending task work is never waited upon the matching event release; in the case of a child event, released via freeevent directly, this can potentially result in a leaked event...
kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
A vulnerability was found in the dotaskstat function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness...
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2024-1381)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper access control in the IntelR Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticate...
kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size
A flaw was found in the Linux kernel's Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This may lead to a system crash, code execution, or local privilege escalation...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1086)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper access control in the IntelR Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to...
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6548-4)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-4 advisory. It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive...
Important: kernel-livepatch-6.1.52-71.125
Issue Overview: An integer overflow in kmallocreserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. CVE-2023-42752 An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel...
SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2023:4734-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4734-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following...
Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6548-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-3 advisory. It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3336)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-5717
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events
The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...