16 matches found

Positive Technologies
added 2026/06/03 12:0 a.m., 9 views

PT-2026-46093

Summary: Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 (root). This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL_UID or KERNEL_GID value. The featu...

9.8 CVSS, 6.1 AI score
Exploits: 0, References: 4
Positive Technologies
added 2026/06/03 12:0 a.m., 12 views

PT-2026-46124

Summary: Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 (root). This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL_UID or KERNEL_GID value. The featu...

9.8 CVSS, 6.1 AI score
Exploits: 0, References: 5
Fedora
added 2026/03/31 2:47 p.m., 6 views

[SECURITY] Fedora 44 Update: rust-scx_layered-0.0.6-8.fc44

A highly configurable multi-layer BPF / user space hybrid scheduler used within sched_ext, which is a Linux kernel feature which enables implementing kernel thread schedulers in BPF and dynamically loading them. https://github.com/sched-ext/scx/tree/main...

6.5 CVSS, 5.9 AI score, 0.00019 EPSS
Exploits: 1
Tenable Nessus
added 2025/08/15 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-37868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier v...

5.5 CVSS, 6.2 AI score, 0.00038 EPSS
Exploits: 0, References: 2
Cvelist
added 2025/06/18 9:33 a.m., 7 views

CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...

0.00129 EPSS
Exploits: 0, References: 7
RedhatCVE
added 2024/12/29 2:58 p.m., 7 views

CVE-2024-56716

In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can crash...

5.5 CVSS, 6.8 AI score, 0.00017 EPSS
Exploits: 0, References: 4
CVE
added 2024/12/29 8:48 a.m., 144 views

CVE-2024-56716

CVE-2024-56716 affects the Linux kernel via netdevsim: nsim_dev_health_break_write() accepts a zero or excessively large count, which can crash the kernel. Connected advisories indicate this CVE is addressed in kernel updates for various distributions (e.g., Debian LTS, Mariner/Mageia/Amazon Linu...

5.5 CVSS, 6.5 AI score, 0.00017 EPSS
Exploits: 0, References: 8, Affected Software: 1
CNNVD
added 2024/10/15 12:0 a.m., 3 views

Sakai security vulnerability

Sakai is a freely available, feature-rich technology solution for learning, teaching, research and collaboration from Apereo Sakai Open Source. A security vulnerability exists in Sakai versions prior to 23.0 through 23.2, which stems from the fact that a kernel user created using the roleview typ...

8.8 CVSS, 6.3 AI score, 0.00414 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2024/09/05 1:9 p.m., 37 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

10 CVSS, 7.3 AI score, 0.06541 EPSS
Exploits: 1, References: 1
Ubuntu
added 2023/09/06 4:59 p.m., 69 views

USN-6349-1: Linux kernel (Azure) vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC...

10 CVSS, 7.7 AI score, 0.00594 EPSS
Exploits: 2
OSV
added 2023/09/05 11:35 p.m., 3 views

USN-6340-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC...

10 CVSS, 7.1 AI score, 0.00594 EPSS
Exploits: 2, References: 10
CVE
added 2023/01/19 9:22 a.m., 38 views

CVE-2015-10071

CVE-2015-10071 affects gitter-badger ezpublish-modern-legacy. The vulnerability involves the file kernel/user/forgotpassword.php, causing weak password recovery due to a flawed handling. Exploitation is described as difficult with high complexity and requires no user interaction; attack vector is...

7.5 CVSS, 5.7 AI score, 0.00246 EPSS
Exploits: 0, References: 4, Affected Software: 1
Ubuntu
added 2020/07/27 10:38 p.m., 118 views

USN-4439-1: Linux kernel vulnerabilities

It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089) It was discovered that the btrfs file system...

7.8 CVSS, 7.2 AI score, 0.01094 EPSS
Exploits: 3
Tenable Nessus
added 2020/07/22 12:0 a.m., 172 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4425-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4425-1 advisory. It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some...

7.2 CVSS, 7.4 AI score, 0.00695 EPSS
Exploits: 0, References: 5
NVD
added 2019/09/05 10:15 p.m., 13 views

CVE-2019-2181

In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8 CVSS, 7.7 AI score, 0.00021 EPSS
Exploits: 0, References: 4
OSV
added 2018/04/19 8:29 a.m., 5 views

CVE-2017-18261

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

5.5 CVSS, 5.1 AI score
Exploits: 0, References: 2