tcpdump security update

An update is available for tcpdump. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tcpdump packages contain the tcpdump utility for monitoring network...

python3.12-cryptography bug fix and enhancement update

An update is available for python3.12-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

ghostscript security update

An update is available for ghostscript. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and PDF...

grub2 security update

An update is available for grub2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a...

dotnet6.0 security update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

python3.12-PyMySQL bug fix and enhancement update

An update is available for python3.12-PyMySQL. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

.NET 8.0 security, bug fix, and enhancement update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

linux-firmware security update

An update is available for linux-firmware. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The linux-firmware packages contain all of the firmware files that are...

RockyLinux 8 : tuned (RLSA-2024:11161)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

Azure Linux 3.0 Security Update: qemu (CVE-2024-4467)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4467 advisory. - A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file...

Configure a Proper Number of Queues in the SYN_RECV State

The SYNRECV queue stores the TCP connection requests that have not been confirmed by the peer end. A larger value indicates more waiting network connections. If the value is too small, the system is vulnerable to TCP SYN flood attacks. As a result, normal connections are denied. If the value is t...

Do Not Allow Hidden Executable Files

In Linux, the name of a hidden file starts with a dot .. Hidden executable files are not allowed in the system. Note that . and . are not hidden files. They refer to the current directory and upper-level directory, respectively. The .bashrc, .bashprofile, and .bashlogout files are script files us...

Enable Kernel ASLR

Address-space layout randomization ASLR randomly arranges the positions of the stack, function libraries, and programs to slightly different positions each time. As a result, the correct positions cannot be guessed, and buffer overflow attacks fail. In the Linux kernel, ASLR is classified into...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21917)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21917 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21963)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21963 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21680)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21680 advisory. - In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in...

Azure Linux 3.0 Security Update: containerd / containerd2 / moby-containerd / moby-containerd-cc (CVE-2024-40635)

The version of containerd / containerd2 / moby-containerd / moby-containerd-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40635 advisory. - containerd is an open-source container runtime. A b...

Azure Linux 3.0 Security Update: pytorch (CVE-2025-32434)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32434 advisory. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21968)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21968 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after- fre...