27 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed a NULLptrderef in rxeqpdocleanup, when socket creation fails. There is a NULLptrderef in the mount.cifs operation over RDMA: - BUG: KASAN: NULLptrderef in rxeqpdocleanup+0x2f3/0x360 rdmarxe - Reading of a 8-byt...
RHCOS 4 : OpenShift Container Platform 4.14.59 (RHSA-2025:21328)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21328 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 - runc: container escape via...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006763)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006763 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN:...
MiracleLinux 9 : buildah-1.33.9-1.el9_4 (AXSA:2024-8904:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8904:08 advisory. go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion CVE-2024-34155...
EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2026-1067)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 throug...
Linux Distros Unpatched Vulnerability : CVE-2025-71067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a...
PT-2025-45373
Name of the Vulnerable Software and Affected Versions runc versions 1.0.0-rc3 through 1.2.7 runc versions 1.3.0-rc.1 through 1.3.2 runc versions 1.4.0-rc.1 through 1.4.0-rc.2 Description Insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside a container allow an attacker to tri...
SUSE SLES12 Security Update : kernel (Live Patch 61 for SLE 12 SP5) (SUSE-SU-2025:03653-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03653-1 advisory. This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987523)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987523 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock and some...
EUVD-2025-22634
Malicious code in bioql PyPI...
EUVD-2025-4783
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-53222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: jfsdmap: Validate dbl2nbperpage while mounting In jfsdmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree. dbl2nbperpage, whic...
AZL-73710 CVE-2025-39691 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...
CVE-2025-38728 smb3: fix for slab out of bounds on mount to ksmbd
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parseserverinterfaces see below: BUG: KASAN: slab-out-of-bounds in...
Linux Distros Unpatched Vulnerability : CVE-2018-14610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in writeextentbuffer when mounting and operating a crafted btrfs imag...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38232
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exportsproc As of now nfsd calls createprocexportsentry at start of initnfsd and cleanup by removeprocentry at last of exitnfsd. Which causes kernel OOPs if there is race between below...
CVE-2025-38232 NFSD: fix race between nfsd registration and exports_proc
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exportsproc As of now nfsd calls createprocexportsentry at start of initnfsd and cleanup by removeprocentry at last of exitnfsd. Which causes kernel OOPs if there is race between below...
UBUNTU-CVE-2022-49166
In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfsreadinodemount invokes ntfsmallocnofs with zero allocation size. It triggers one BUG in the ntfsmalloc function. Fix this by adding sanity check on ni-attrlistsize...
Security update for buildah
This update for buildah fixes the following issues: Update to version 1.35.5 CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src" values. bsc1236272 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...