25 matches found

CVE
added 2026/05/18 8:26 p.m. | 24 views

CVE-2026-4137

CVE-2026-4137 : In mlflow/mlflow before 3.11.0, two temp-dir creation paths expose world/group-writable permissions: get_or_create_nfs_tmp_dir() creates 0o777 and _create_model_downloading_tmp_dir() creates 0o770. This enables local attackers with access to shared NFS mounts (e.g., Databricks) to...

CVSS 7.8 | AI score 7.6 | EPSS 0.00193
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2024/11/19 2:16 a.m. | 7 views

CVE-2024-50272

In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemap_read() enters an...

CVSS 5.5 | EPSS 0.00246
Exploits: 0 | References: 6

OSV
added 2024/11/19 1:30 a.m. | 8 views

CVE-2024-50272 filemap: Fix bounds checking in filemap_read()

In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemap_read() enters an...

CVSS 5.5 | AI score 6.3 | EPSS 0.00246
Exploits: 0 | References: 9

Oracle linux
added 2022/05/17 12:0 a.m. | 40 views

cockpit security, bug fix, and enhancement update

264.1-1.0.1 - Remove duplicate reference to server in cockpit Orabug: 33862832 - Update documentation links Orabug: 32795691 - Make documentation links point to Oracle Linux information Orabug: 30271413 Orabug: 32013095 - Fix rendering of hwinfo page on systems with some empty memory slots Orabug...

CVSS 7.5 | AI score 5.8 | EPSS 0.01212
Exploits: 0

Amazon
added 2022/01/28 12:0 a.m. | 12 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF...

CVSS 9.1 | AI score 6.4 | EPSS 0.01497
Exploits: 2

Virtuozzo
added 2020/03/31 12:0 a.m. | 107 views

Product update: Virtuozzo 7.0 Update 13 (7.0.13-298)

The Update 13 for Virtuozzo 7.0 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.12.1.vz7.131.10. Vulnerability id: PSBM-95072 'pstorage-target' files are left over after successful migrations of VMs on Virtuozzo Storage from...

AI score 7.1
Exploits: 0

Virtuozzo
added 2020/01/21 12:0 a.m. | 27 views

Kernel update: Virtuozzo ReadyKernel patch 95.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernel 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozzo Infrastructure Platform 2.5. Vulnerability id: PSBM-100118 scsi: printing lots of messages about rejected I/O causes a hard lockup a...

AI score 0.8
Exploits: 0 | References: 1

Virtuozzo
added 2020/01/14 12:0 a.m. | 38 views

Kernel update: Virtuozzo ReadyKernel patch 95.1 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-957.12.2.vz7.96.21 Virtuozzo 7.0.11 and Virtuozzo Infrastructure Platform 3.0, 3.10.0-1062.4.2.vz7.116.7 Virtuozzo 7.0.12 HF1. Vulnerability id: PSBM-100118 3.10.0-957.12.2.vz7.96....

AI score 0.8
Exploits: 0 | References: 2

Virtuozzo
added 2018/09/17 12:0 a.m. | 26 views

Kernel update: Virtuozzo ReadyKernel patch 61.0 for Virtuozzo 7.0.8 and 7.0.8 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo 7.0.8 and 7.0.8 HF1. Vulnerability id: PSBM-87836 It was discovered that a container with NFS mounts could keep the files /var/lib/nfs/rpcpipefs/nfs/clntX open, even if no NFS server was...

AI score 1.9
Exploits: 0 | References: 2

Tenable Nessus
added 2017/03/07 12:0 a.m. | 41 views

openSUSE Security Update : util-linux (openSUSE-2017-305)

This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. These non-security issues were fixed : - lscpu: Implement WSL...

CVSS 5.5 | AI score 6 | EPSS 0.00279
Exploits: 0 | References: 7

Tenable Nessus
added 2017/03/07 12:0 a.m. | 38 views

openSUSE Security Update : util-linux (openSUSE-2017-306)

This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. These non-security issues were fixed : - lscpu: Implement WSL...

CVSS 5.5 | AI score 6 | EPSS 0.00279
Exploits: 0 | References: 8

OpenVAS
added 2017/03/03 12:0 a.m. | 31 views

openSUSE: Security Advisory for util-linux (openSUSE-SU-2017:0589-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.5 | AI score 6 | EPSS 0.00279
Exploits: 0 | References: 1

OSV
added 2017/02/23 7:50 a.m. | 3 views

SUSE-SU-2017:0555-1 Security update for util-linux

This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. These non-security issues were fixed: - lscpu: Implement WSL...

CVSS 5.5 | AI score 5.3 | EPSS 0.00279
Exploits: 0 | References: 8

RedHat Linux
added 2017/01/19 1:20 p.m. | 42 views

Moderate: Red Hat Security Advisory: openstack-cinder security update

An update for openstack-cinder is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 7.8 | AI score 6.6 | EPSS 0.03062
Exploits: 1 | References: 2

OSV
added 2015/03/02 2:50 p.m. | 6 views

SUSE-SU-2015:1020-1 Security update for autofs

autofs was updated to fix one security issue. This security issue was fixed: - CVE-2014-8169: Prevent potential privilege escalation via interpreter load path for program-based automount maps bnc917977. These non-security issues were fixed: - Don't pass sloppy option for other than nfs mounts...

CVSS 4.4 | AI score 6.6 | EPSS 0.00335
Exploits: 0 | References: 7

Tenable Nessus
added 2013/07/12 12:0 a.m. | 299 views

Oracle Linux 4 : kernel (ELSA-2009-1671)

From Red Hat Security Advisory 2009:1671 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

CVSS 7.8 | AI score 6.2 | EPSS 0.12461
Exploits: 3 | References: 5

Tenable Nessus
added 2013/06/29 12:0 a.m. | 20 views

CentOS 4 : util-linux (CESA-2007:0235)

An updated util-linux package that corrects a security issue and fixes several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The util-linux package contains a collection of basic system utilities. A flaw was found in the way...

CVSS 4.1 | AI score 5.6 | EPSS 0.00337
Exploits: 0 | References: 2

Tenable Nessus
added 2011/03/31 12:0 a.m. | 33 views

SuSE 11.1 Security Update : FUSE (SAT Patch Number 4095)

The following security issues were fixed : - FUSE allowed local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem. CVE-2010-3879 - Avoid mounting a directory including...

CVSS 5.8 | AI score 5.6 | EPSS 0.09848
Exploits: 1 | References: 12

OpenVAS
added 2010/06/02 12:0 a.m. | 26 views

Read configs to prevent root login

This plugin uses ssh to Read configs to prevent root login: Check for /etc/securettys show all non console, check if root login is not possible via SSH, check for SYSLOG_SU_ENAB in /etc/login.defs, check for perm 0644 on /etc/securettys /etc/login.defs /etc/sshd/sshd_config, check if root_squash is...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2009/12/21 12:0 a.m. | 49 views

CentOS 4 : kernel (CESA-2009:1671)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

CVSS 7.8 | AI score 6.2 | EPSS 0.12461
Exploits: 3 | References: 6