Azure Linux 3.0 Security Update: kernel (CVE-2025-21887)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21887 advisory. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21934)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21934 advisory. - In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddne...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21920)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21920 advisory. - In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21689)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21689 advisory. - In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-...

Azure Linux 3.0 Security Update: cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device-plugin (CVE-2025-22872)

The version of cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device- plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22872 advisory. - The...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21669)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21669 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the...

Azure Linux 3.0 Security Update: pgbouncer (CVE-2025-2291)

The version of pgbouncer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2291 advisory. - Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21996 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21756)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21756 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21683)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21683 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory lea...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21761)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21761 advisory. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in...

Photon OS 4.0: Linux PHSA-2025-4.0-0790

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0790. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Mageia: Security Advisory (MGASA-2025-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2025:1433-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1433-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:1434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1434-1 advisory. - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:1438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1438-1 advisory. - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 -...

SUSE SLES15 Security Update : redis (SUSE-SU-2025:1419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1419-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block directly from t...

CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2025-119-02)

The version of mozilla-thunderbird installed on the remote host is prior to 128.10.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-119-02 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues...

DSA-5907-1 linux - security update

Bulletin has no description...