Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: Make sure that the caller has CAPSYSADMIN in the correct user namespaces. What we want to ensure is that clone will not expose something hidden by a mount that we wouldn’t be able to undo. “ wouldn’t be able to...

MiracleLinux 9 : kernel-5.14.0-611.16.1.el9_7 (AXSA:2025-11625:100)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11625:100 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file...

CLSA-2025-1766488019 kernel: Fix of 63 CVEs

scsi: target: iscsi: Fix timeout on deleted connection CVE-2025-38075 - tls: wait for pending async decryptions if tlsstrpmsghold fails CVE-2025-40176 - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 - rcu: Fix rcureadunlock deadloop due to IRQ work...

kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns

A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-611_9_1 security update

An update for kpatch-patch-5140-61191 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns

A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...

kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns

A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...

kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns

A vulnerability was found in cloneprivatemount in fs/namespace.c in filesystem subsystem in the Linux Kernel.This flaw could allow a local attacker to crash the system or leak kernel internal information...

ALSA-2025:23279 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process CVE-2025-39984 For more details about the...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

SUSE-SU-2025:20885-1 Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem...

Security update for kernel-livepatch-MICRO-6-0_Update_10

This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 CVE-2025-38678: netfilter: nftables: rejec...

SUSE-SU-2025:20887-1 Security update for kernel-livepatch-MICRO-6-0_Update_6

This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue wh...

SUSE-SU-2025:20906-1 Security update for kernel-livepatch-MICRO-6-0_Update_9

This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue wh...

SUSE-SU-2025:20905-1 Security update for kernel-livepatch-MICRO-6-0_Update_6

This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue wh...

SUSE-SU-2025:20881-1 Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

SUSE-SU-2025:20882-1 Security update for kernel-livepatch-MICRO-6-0_Update_7

This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue wh...