109 matches found
UDisks Daemon Vulnerable to Local Privilege Escalation via Negative Index in Loop Device Handler
Udisks is vulnerable to out-of-bounds read due to improper validation of the index parameter in the loop device handler. This could allow an attacker to crash the UDisks daemon or perform local privilege escalation by accessing files owned by privileged users...
Oracle Linux 9 : util-linux (ELSA-2026-1913)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1913 advisory. 2.37.4-21.0.1 - Orabug 35995271 - report lost loop device Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
util-linux security update
2.32.1-48.0.1 - Orabug 35995159 - report lost loop device 2.32.1-48 - fix RHEL-134296 - libblkid: use snprintf instead of sprintf - fix RHEL-133946 - login-utils: fix setpwnam buffer use CVE-2025-14104...
util-linux security update
2.37.4-21.0.1 - Orabug 35995271 - report lost loop device...
Oracle Linux 8 : util-linux (ELSA-2026-1852)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1852 advisory. 2.32.1-48.0.1 - Orabug 35995159 - report lost loop device 2.32.1-48 - fix RHEL-134296 - libblkid: use snprintf instead of sprintf - fix RHEL-133946 - login-util...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38415)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38415 advisory. - In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of...
EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2026-1059)
According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993283)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993283 advisory. In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioct...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992258)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992258 advisory. In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioct...
Huawei EulerOS: Security Advisory for udisks2 (EulerOS-SA-2025-2472)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991150)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991150 advisory. In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioct...
EulerOS 2.0 SP11 : udisks2 (EulerOS-SA-2025-2491)
According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...
DEBIAN-CVE-2023-53820
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
CVE-2023-53820
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
UBUNTU-CVE-2023-53820
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
CVE-2023-53820
CVE-2023-53820: In the Linux kernel loop driver, loop_set_status_from_info() must validate lo_offset and lo_sizelimit before reassignment to avoid overflow changing the original values. The description notes that an overflow could cause the value to be rewritten and not reset, and that the origin...
CVE-2023-53820 loop: loop_set_status_from_info() check before assignment
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
CVE-2023-53820 loop: loop_set_status_from_info() check before assignment
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
CVE-2023-53820
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...
TencentOS Server 4: udisks2 (TSSA-2025:0716)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0716 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...