Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from seccomp's unfiltered uretprobe system call, which could cause a process running in docker to crash when it...

Linux Distros Unpatched Vulnerability : CVE-2025-21834

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to...

PT-2025-9982 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the seccomp filtering of the uretprobe system call. When uretprobes are attached to processes running inside Docker, t...

Linux Distros Unpatched Vulnerability : CVE-2015-2830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to...

Linux Distros Unpatched Vulnerability : CVE-2019-2054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...

Oracle Linux 9 : oci-seccomp-bpf-hook (ELSA-2024-9277)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9277 advisory. 1.2.10-2 - rebuild - Resolves: RHEL-35939 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

oci-seccomp-bpf-hook security update

1.2.10-2 - rebuild - Resolves: RHEL-35939...

RHSA-2024:9277 Red Hat Security Advisory: oci-seccomp-bpf-hook security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: oci-seccomp-bpf-hook security update

An update for oci-seccomp-bpf-hook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 9 : oci-seccomp-bpf-hook (RHSA-2024:9277)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9277 advisory. OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to u...

ALSA-2024:9277 Moderate: oci-seccomp-bpf-hook security update

OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 Fo...

Moderate: oci-seccomp-bpf-hook security update

OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 Fo...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8038)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8038 advisory. aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins...

CentOS 7 : qemu-kvm-ma (RHSA-2020:3907)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3907 advisory. - qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for...

Advisory ROSA-SA-2024-2487

Software: flatpak 1.0.9 OS: rosa-server79 packageevrstring: flatpak-1.0.9-13.res7 CVE-ID: CVE-2021-41133 BDU-ID: 2022-00259 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to a lack of blocking in the seccomp filter of mount-related...

GO-2023-1864 Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes...

GO-2023-1801 kyverno seccomp control can be circumvented in github.com/kyverno/kyverno

kyverno seccomp control can be circumvented in github.com/kyverno/kyverno...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.8-4 - rebuild for golang fixes - Related: RHEL-28452 cockpit-podman 84.1-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1 - Related: Jira:RHEL-25557 conmon 3:2.1.10-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.10...

container-tools security update

aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...