Linux Distros Unpatched Vulnerability : CVE-2024-26907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single fie...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:0775-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0775-1 advisory. - CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 - CVE-2024-9676:...

Linux Distros Unpatched Vulnerability : CVE-2022-2503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:0267-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0267-1 advisory. - CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause...

CVE-2023-28149

An issue was discovered in the IhisiServiceSmm module in Insyde InsydeH2O with kernel 5.2 before 05.28.42, 5.3 before 05.37.42, 5.4 before 05.45.39, 5.5 before 05.53.39, and 5.6 before 05.60.39 that could allow an attacker to modify UEFI variables...

UBUNTU-CVE-2024-38394

DISPUTED Mismatches in interpreting USB authorization policy between GNOME Settings Daemon GSD through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel...

PT-2024-27978 · Gnome +2 · Gnome Settings Daemon +2

Name of the Vulnerable Software and Affected Versions: GNOME Settings Daemon versions through 46.0 Description: Mismatches in interpreting USB authorization policy between GNOME Settings Daemon and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access...

RHEL 6 : udisks (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - udisks: Format string vulnerability in udiskslog in udiskslogging.c CVE-2018-17336 - udisks before 1.0.3...

CVE-2023-52866

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogicparamsugeev2initeventhooks When CONFIGHIDUCLOGIC=y and CONFIGKUNITALLTESTS=y, launch kernel and then the below user-memory-access bug occurs. In...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a security flaw in the unload/reload behavior of modules...

Linux rootkits explained – Part 2: Loadable kernel modules

Part 2 dives into the world of LKMs Loadable Kernel Modules and kernel-space rootkits to explore what LKMs are, how attackers abuse them, and how to detect them...

Huawei HarmonyOS Denial of Service Vulnerability (CNVD-2023-98208)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in Huawei HarmonyOS, which stems from the presence of mutual exclusion lock management in kernel modules. An attacke...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in Huawei HarmonyOS, which stems from the presence of mutual exclusion lock management in kernel modules. An attacke...

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers

Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher...

Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector

Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. Trend Micro has attributed the activity cluster to the same actor that was previously identified as behind the FiveSys rootkit, which came ...

K16427: Linux kernel vulnerability CVE-2013-7421

Security Advisory Description The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than CVE-2014-9644. CVE-2013-7421 Impact There is no...

SUSE CVE-2009-0784

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...

SUSE CVE-2010-4171

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

SUSE CVE-2010-4661

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules...

SUSE CVE-2011-2746

Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in OTRS-Core in Open Ticket Request System OTRS 2.x before 2.4.11 and 3.x before 3.0.10 allows remote authenticated administrators to read arbitrary files via unknown vectors...