Important: kernel-livepatch-5.10.130-118.517

Issue Overview: A use-after-free flaw was found in the Linux kernel's POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Huawei Data Communication: local-user service-type all or both secure and insecure protocols

When a user account uses both secure and insecure protocols, the insecure protocols will cause password disclosure. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

libguestfs: insecure temporary directory handling for guestfish's network socket

The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitra...