ROOT-OS-UBUNTU-2204-CVE-2026-23351 CVE-2026-23351 in rootio-linux - Patched by Root

Root has patched CVE-2026-23351 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2026-2065)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. Improper hostname canonicalization in the login1 utility, when invoked with the -h option, can...

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI loweri...

Linux Distros Unpatched Vulnerability : CVE-2025-68321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to...

CVE-2025-14104

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database. Mitigation Mitigation for this issue is either not...

Linux Distros Unpatched Vulnerability : CVE-2025-39985

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit...

EUVD-2020-3130

Malware in sbrugna...

EUVD-2022-26609

Malicious code in bioql PyPI...

New DripDropper Malware Exploits Linux Flaw Then Patches It Lock Rivals Out

A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…...

Linux Distros Unpatched Vulnerability : CVE-2022-49982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: pvrusb2: fix memory leak in pvrprobe The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to...

Linux Distros Unpatched Vulnerability : CVE-2021-3620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the...

Linux Distros Unpatched Vulnerability : CVE-2017-1000410

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse...

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of...

ALPINE-CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw

The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage NAS appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reporte...

PT-2022-13263

Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.37.4 Description A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config file...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

The vulnerability of the Pacemaker resource manager in the operating system utility package for SUSE Linux Supportutils allows a hacker to re-record arbitrary files.

The vulnerability of the Pacemaker resource manager in the Oracle Enterprise Linux distribution is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability could allow an attacker to re-write any files they desire...

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

Nearly a year after the disclosure of the Dirty COW vulnerability that affected the Linux kernel, cybercriminals have started exploiting the vulnerability against Android users, researchers have warned. Publicly disclosed last year in October, Dirty COW was present in a section of the Linux...

security flaw

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...