Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27033)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27033 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to remove unnecessary...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38113)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38113 advisory. - In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22033)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22033 advisory. - In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in...

Azure Linux 3.0 Security Update: python-tensorboard (CVE-2019-17596)

The version of python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-17596 advisory. - Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38166)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38166 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38165)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38165 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38369)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38369 advisory. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of...

Azure Linux 3.0 Security Update: kernel (CVE-2024-45001)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45001 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignmen...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50023)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50023 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs lis...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-47913)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47913 advisory. - SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause ear...

PT-2026-4280

Name of the Vulnerable Software and Affected Versions Rekor versions 1.4.3 and below Description Rekor’s entry implementation can experience a panic when processing attacker-controlled input during the canonicalization of a proposed entry with an empty spec.message. The validate function...

Azure Linux 3.0 Security Update: cni / containernetworking-plugins / keda / multus (CVE-2021-38561)

The version of cni / containernetworking-plugins / keda / multus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-38561 advisory. - golang.org/x/text/language in golang.org/x/text before 0.3.7 can...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38218)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38218 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on...

Azure Linux 3.0 Security Update: multus (CVE-2020-28851)

The version of multus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28851 advisory. - In x/text in Go 1.15.4, an index out of range panic occurs in language.ParseAcceptLanguage while parsing the...

go-tuf affected by client DoS via malformed server response

Security Disclosure: Client DoS via malformed server response Summary If the TUF repository or any of its mirrors returns invalid TUF metadata JSON valid JSON but not well formed TUF metadata, the client will panic during parsing, causing a DoS. The panic happens before any signature is validated...

GHSA-846P-JG2W-W324 go-tuf affected by client DoS via malformed server response

Security Disclosure: Client DoS via malformed server response Summary If the TUF repository or any of its mirrors returns invalid TUF metadata JSON valid JSON but not well formed TUF metadata, the client will panic during parsing, causing a DoS. The panic happens before any signature is validated...

CVE-2026-22977

In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without defining a usercopy region, 1 unlike skbuffheadcache which properly whitelists the cb field. 2 This causes a usercopy BUG when...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2026:0753)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0753 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the preceding...

CLSA-2026-1768930687 podman: Fix of CVE-2025-47913

CVE-2025-47913: fix ssh/agent client panic on unexpected message types...

MiracleLinux 9 : cockpit-composer-41-1.el9, osbuild-composer-62.1-1.el9.ML.1, osbuild-65-1.el9.ML.1, weldr-client-35.5-4.el9 (AXSA:2023-5065:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5065:02 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-32189...