AlmaLinux 10 : grub2 (ALSA-2025:16154)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:16154 advisory. grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read. CVE-2024-45776 grub2: fs/ufs: OOB write in the heap CVE-2024-45781 grub2:...

RockyLinux 10 : grub2 (RLSA-2025:16154)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:16154 advisory. grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read. CVE-2024-45776 grub2: fs/ufs: OOB write in the heap CVE-2024-45781 grub2:...

Linux Distros Unpatched Vulnerability : CVE-2025-1272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allo...

CLSA-2025-1744717794 grub2: Fix of 5 CVEs

CVE-2025-0624: net: Out-of-bounds write in grubnetsearchconfigfile - CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write - CVE-2025-1118: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-0678: squash4: Integer overflow may lead to heap...

CLSA-2025-1744213211 grub2: Fix of 5 CVEs

CVE-2025-0624: net: Out-of-bounds write in grubnetsearchconfigfile - CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write - CVE-2025-1118: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-0678: squash4: Integer overflow may lead to heap...

CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4439-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4439-1 advisory. It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An...

USN-4425-1 linux, linux-aws, linux-azure, linux-azure-5.4, linux-gcp, linux-hwe-5.4, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4, linux-riscv vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4425-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4425-1 advisory. It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some...