Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dochangetype: refusal to operate on unmounted/not-of-our-mounts mounts. It is ensured that propagation settings can only be changed for mounts located within the caller’s mount namespace. This change aligns permission checks with...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...

SUSE CVE-2026-43472

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

CVE-2026-43472

A flaw was found in the Linux kernel's unshare system call. A local user, when attempting to create new namespaces with specific flags, could encounter a scenario where the process's current working directory and root directory pointers become detached. This occurs if the cgroup namespace creatio...

CVE-2026-43472

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the unsharefs function in the unshare component when combined with CLONENEWN...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006607 advisory. An issue was discovered in fs/iouring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount...

GHSA-XXJ4-96PH-G6J6 Duplicate Advisory: OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xvx8-77m6-gwg6. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step tha...

EUVD-2026-17383

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

CVE-2026-32977

CVE-2026-32977 : OpenClaw before 2026.3.11 contains a sandbox boundary bypass in the fs-bridge writeFile commit step that uses an unanchored container path during the final move. A time-of-check–time-of-use race allows an attacker to modify parent paths inside the sandbox to redirect committed fi...

PT-2026-29233

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38498)

In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount2...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38498)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38498 advisory. - In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001402 advisory. An issue was discovered in fs/iouring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000570 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000688 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mountin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004447)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004447 advisory. An issue was discovered in fs/iouring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002108 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003125)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003125 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003322 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...