CBL Mariner 2.0 Security Update: cri-tools / moby-runc / runc (CVE-2024-45310)

The version of cri-tools / moby-runc / runc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45310 advisory. - runc is a CLI tool for spawning and running containers according to the OCI...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2023-40403: Fixed sensitive information disclosure during processing web content bsc1238591 CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList bsc1239637 CVE-2025-24855: Fixed use-after-free in numbers.c bsc1239625 Patch...

cifs-utils 安全漏洞

cifs-utils is a toolkit from the individual developer Pavel Shilovsky. Provides utilities for managing CIFS network file system installations. A security vulnerability exists in cifs-utils that stems from the cifs.upcall program incorrectly invoking namespaces in a container environment, which...

Kubernetes ingress-nginx 输入验证错误漏洞

Ingress NGINX Controller is an open source portal controller that uses NGINX as a reverse proxy and load balancer. Ingress NGINX Controller suffers from a remote code execution vulnerability that can be exploited by an attacker to gain access to sensitive data such as credentials and keys across...

OESA-2025-1296 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.CVE-2024-55549 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath...

SUSE CVE-2025-29781

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

GO-2025-3530 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis

Bare Metal Operator BMO can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis...

Linux kernel out-of-bounds write vulnerability (CNVD-2025-05383)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds write vulnerability that stems from multiple calls to dellink when deleting network namespaces, resulting in a corrupted list. Th...

SUSE CVE-2024-55549

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

ALPINE-CVE-2024-55549

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

Use After Free

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Use After Free through the xsltGetInheritedNsList process. An attacker can manipulate memory and potentially execute arbitrary code by excluding result prefixes. Remediation...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free through the xsltGetInheritedNsList process. An attacker can manipulate memory and potentially execute arbitrary code by excluding result prefixes. Remediation Upgrade libxslt to version 1.1.43 or higher. References - GitH...

[slackware-security] libxslt

New libxslt packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxslt-1.1.43-i586-1slack15.0.txz: Upgraded. This update addresses some security issues. Fix use-after-free of XPath context node. F...

DEBIAN-CVE-2025-21865

In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtpnetexitbatchrtnl. Brad Spengler reported the listdel corruption splat in gtpnetexitbatchrtnl. 0 Commit eb28fd76c0a0 "gtp: Destroy device along with udp socket's netns dismantle." added th...

DEBIAN-CVE-2025-21864

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to release the secpath in a timely manner when deleting network namespaces, which could lead to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds write vulnerability that stems from multiple calls to dellink when deleting network namespaces, resulting in a corrupted list. Th...

Linux Distros Unpatched Vulnerability : CVE-2024-54680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix TCP timers deadlock after rmmod Commit ef7134c7fc48 smb: client: Fix...

Linux Distros Unpatched Vulnerability : CVE-2017-1000111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux kernel: heap out-of-bounds in AFPACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that...

Linux Distros Unpatched Vulnerability : CVE-2019-20794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and...