130 matches found
SUSE CVE-2026-48700
An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an org.freedesktop.FileManager1.ShowFolders D-Bus method call, PCManFM-Qt delegates to a different program based on the file type without user confirmation. This could be us...
CVE-2026-43234
A flaw was found in the Linux kernel's team driver. A local user can exploit this vulnerability by manipulating network devices and namespaces. Specifically, when a slave device is unregistered from a team interface while a NETDEVCHANGEMTU event is pending, it can lead to a deadlock or resource...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix for null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered a null-ptr-deref at boot time. 0 The issue arises because iptablenattableinit is exposed to user...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Scrubbing packets on bpfredirectpeer When bpfredirectpeer is used to redirect packets to a device in another network namespace, the packets are not scrubbed. This can lead to information about the packets being “misused” in...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...
CVE-2026-31692
A flaw was found in the Linux kernel's rtnetlink component. An unprivileged local user, leveraging a user namespace, can exploit a missing CAPNETADMIN capability check in the rtnlnewlink function. This allows the user to create paired network devices in arbitrary network namespaces, including the...
CVE-2026-31692
In The Linux kernel, CVE-2026-31692 affects the rtnetlink path: the peer namespace CAP_NET_ADMIN check is missing in rtnl_newlink() when creating paired devices (e.g., veth, vxcan, netkit). This enables an unprivileged user with a user namespace to create interfaces in arbitrary network namespace...
netfilter: nf_conntrack_expect: skip expectations in other netns via proc
...
CVE-2026-31496
A flaw was found in the Linux kernel's netfilter subsystem. This vulnerability allows a local user to potentially access or view network connection tracking expectations nfconntrackexpect from other network namespaces netns via the /proc filesystem. This could lead to information disclosure or a...
CVE-2026-31496
Summary: CVE-2026-31496 affects the Linux kernel netfilter nf_conntrack_expect handling across network namespaces. The root cause is a failure to skip or isolate expectations that do not reside in the target netns, enabling a local user to access or view nf_conntrack_expect entries from other nam...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the expectation in nfconntrackexpect that other network namespaces are skipped during proc dump,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001105)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001105 advisory. A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003172)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003172 advisory. A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002797 advisory. A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989801 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet...
EUVD-2011-2180
Malware in sbrugna...
EUVD-2010-0038
Malware in sbrugna...
EUVD-2022-55043
Malicious code in bioql PyPI...
EUVD-2024-50511
Malicious code in bioql PyPI...
AZL-67589 CVE-2025-39848 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...