17 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: Fixed a memory leak in skbSegmentList for GRO packets When skbSegmentList is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skbSegmentList...
RockyLinux 9 : kernel (RLSA-2025:8643)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8643 advisory. kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer...
EUVD-2025-9395
Malicious code in bioql PyPI...
RLSA-2025:8669 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/virtio: discard packets if the transport changes CVE-2025-21669 kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: xsk: fix an integer overflow in...
SUSE CVE-2025-21926
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
CVE-2025-21926
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...
Oracle Linux 9 : .NET / 8.0 (ELSA-2024-5334)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5334 advisory. 8.0.108-1.0.1 - Add support for Oracle Linux 8.0.108-1 - Update to .NET SDK 8.0.108 and Runtime 8.0.8 - Resolves: RHEL-52389 8.0.107-2 - Fix ownership of some...
AZL-42156 CVE-2024-27418 affecting package hyperv-daemons for versions less than 5.15.158.2-1
In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until...
OPENSUSE-SU-2020:1833-1 Security update for salt
This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846 - Fix disk.blkid to avoid unexpected keyword argument 'pubuser'. bsc1177867 - Ensure...
SUSE-SU-2020:1301-1 Security update for mailman
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug bsc1171363. - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion bsc1170558. Non-security issue fixed: - Fixed rights and ownership on...
SUSE-SU-2020:0228-1 Security update for slurm
This update for slurm fixes the following issues: - CVE-2019-19727: Fix permissions of configuration file 'slurmdbd.conf' bsc1155784. - Fix ownership of /var/spool/slurm on new installations and upgrade bsc1158696. - Fix '%posttrans' macro to cope with added newline bsc1153259...
Fedora 25 : community-mysql (2017-95327e44ec)
A quarter year regular dose of fixed CVE's. https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html . rhbz1497694 : Fix owner and perms on log file in post script CVE fixes: rhbz1503701 CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-102...
openSUSE Security Update : salt (openSUSE-2017-1016)
This update for salt fixes the following issues : - Update to 2017.7.1 See https://docs.saltstack.com/en/develop/topics/releases/20 17.7.1.html for full changelog - CVE-2017-12791: crafted minion ID could lead directory traversal on the Salt-master boo1053955 - Run fdupes over all of /usr because...
Scientific Linux Security Update : dovecot on SL5.x i386/x86_64
A flaw was found in Dovecot's ACL plug-in. The ACL plug-in treated negative access rights as positive rights, which could allow an attacker to bypass intended access restrictions. CVE-2008-4577 A password disclosure flaw was found with Dovecot's configuration file. If a system had the...
Fedora 14 : ecryptfs-utils-90-2.fc14 (2011-11979)
fix incorrect mtab group ownership Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
openSUSE Security Update : postfix (postfix-133)
A local privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
udev reissued for 12.2/current
Updated udev packages are available for Slackware 12.2, and -current to fix a serial device ownership regression in 12.2, adjust the perms on /dev/rtc0, and make sure that the /dev/root symlink is properly created. Here are the details from the Slackware 12.2 ChangeLog:...