PT-2025-51688

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the libceph component, specifically in the handle auth session key function. This issue could lead to potential out-of-bounds writes due to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987403)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987403 advisory. In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayedwork and cephmoncstop The way the delayed work is handled in...

EUVD-2025-30863

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to...

libceph: fix invalid accesses to ceph_connection_v1_info

...

SUSE CVE-2025-39880

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

AZL-74936 CVE-2025-39880 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

UBUNTU-CVE-2025-39880

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

CVE-2025-39880

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

Linux Distros Unpatched Vulnerability : CVE-2023-52636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while...

PT-2025-39137

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the libceph component related to invalid accesses to ceph connection v1 info. Specifically, generic code in messenger.c reads and writes to the...

PT-2026-2877

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's libceph component where the decode pool function may be susceptible to out-of-bounds reads. This can occur if an osdmap is corrupted, specifically whe...

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation of the in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in the decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12779)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12779 advisory. - driver core: Fix ueventshow vs driver detach race Dan Williams Orabug: 37029154 CVE-2024-44952 - VMCI: Fix use-after-free when removing resource in...

Unbreakable Enterprise kernel security update

4.14.35-2047.541.4.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37137499 4.14.35-2047.541.4 - selftests: make order checking verbose in msgzerocopy selftest Zijian Zhang Orabug: 37063821 - selftests: fix OOM in msgzerocopy selftest Zijian Zhang Orabug: 37063821 -...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12618)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12618 advisory. - net: mana: Fix possible double free in error handling path Ma Ke Orabug: 36897038 CVE-2024-42069 - net: relax socket state check at accept time...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12612)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12612 advisory. 5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12610)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12610 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36947196 CVE-2024-40968 - drm/amdgpu: Fix signedness bug in sdmav40processtrapirq...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42232)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42232 advisory. - In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayedwork an...