Singularity 安全漏洞

Singularity is an open source container platform open sourced by Sylabs Inc. A security vulnerability exists in singularity that stems from a possible redirection of an LSM tag write operation, which could lead to the failure of security restrictions...

PT-2025-48736

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

[SECURITY] [DLA 4379-1] linux-6.1 security update

Debian LTS Advisory DLA-4379-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings November 25, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.158-1deb11u1 CVE ID : CVE-2025-21861 CVE-2025-39929 CVE-2025-39931 CVE-2025-39934 CVE-2025-39937...

Linux Distros Unpatched Vulnerability : CVE-2022-50560

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/meson: explicitly remove aggregate driver at module unload time Because componentmasterdel wasn't being called when unloading the mesondrm module, the...

CVE-2025-64984

Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux any version with anti-virus databases prior to 18.11.2025, Kaspersky Industrial CyberSecurity for Linux Nodes any version with anti-virus databases prior to 18.11.2025, and Kaspersky Endpoint Security for Mac 12.0.0.325...

TencentOS Server 4: perl (TSSA-2024:0301)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0301 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2025-40137

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990877)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990877 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atom...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.9.20251110 or dnf update --advisory...

runc: LSM labels can be bypassed with malicious config using dummy procfs files

...

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2025:3944-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:3944-1 advisory. - CVE-2025-55159 - updated slab with the uninit memory access fix bsc1248003 Tenable has extracted the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990495 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990387 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990428)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990428 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination becaus...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990533)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990533 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989957 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more dat...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988730 advisory. In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook bail on fail scheme doesn't...

RHEL 8 : bind9.16 (RHSA-2025:19793)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19793 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...