CVE-2025-52565

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

EUVD-2013-2162

Malware in sbrugna...

EUVD-2025-28069

Malicious code in bioql PyPI...

[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

Linux Distros Unpatched Vulnerability : CVE-2018-18386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers/tty/ntty.c in the Linux kernel before 4.14.11 allows local attackers who are able to access pseudo terminals to hang/block further usage of any pseudo...

CVE-2025-46803 Screen creates by default world-writable PTYs

The default mode of pseudo terminals PTYs allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system...

CVE-2025-46803 Screen creates by default world-writable PTYs

The default mode of pseudo terminals PTYs allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system...

CVE-2025-46803

CVE-2025-46803 concerns the screen utility. Affected component: Screen’s PTYs default mode was changed from 0620 to 0622, enabling anyone to write to any Screen PTYs on the system. The issue is local and tied to the default PTY permissions, potentially allowing unauthorized writes. Public-availab...

SUSE CVE-2025-46803

The default mode of pseudo terminals PTYs allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system...

K28280935: Linux kernel vulnerability CVE-2018-18386

Security Advisory Description drivers/tty/ntty.c in the Linux kernel before 4.14.11 allows local attackers who are able to access pseudo terminals to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. CVE-2018-18386 Impact There is no...

SUSE CVE-2011-4916

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty...

SUSE CVE-2013-2207

ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...

SUSE CVE-2018-18386

drivers/tty/ntty.c in the Linux kernel before 4.14.11 allows local attackers who are able to access pseudo terminals to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ...

UBUNTU-CVE-2017-20002

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH hence bypassing PAM's nulloksecure configuration. Thi...

PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward

DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...

CVE-2018-18386

A security flaw was found in the Linux kernel in drivers/tty/ntty.c which allows local attackers ones who are able to access pseudo terminals to lock them up and block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ handler...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1027)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1204)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1289-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127:...

kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of service

A security flaw was found in the Linux kernel in drivers/tty/ntty.c which allows local attackers ones who are able to access pseudo terminals to lock them up and block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ handler...