81 matches found
EUVD-2026-32863
In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers. SELinux socket state lives in the composite LSM socket blob. sock_has_perm() and nlmsg_sock_has_extended_perms() currently dereference sk->sk_security directly, which assumes the...
CVE-2026-46104
In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers. SELinux socket state lives in the composite LSM socket blob. sock_has_perm() and nlmsg_sock_has_extended_perms() currently dereference sk->sk_security directly, which assumes the...
PT-2026-44227
In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers. SELinux socket state lives in the composite LSM socket blob. sock_has_perm() and nlmsg_sock_has_extended_perms() currently dereference sk->sk_security directly, which assumes...
Astra Linux - vulnerability in zabbix
During Zabbix installation from RPM, the DAC_OVERRIDE SELinux capability is used to access PID files in the /var/run/zabbix folder. In this case, processes of Zabbix Proxy or Server can bypass the file read, write, and execute permission checks at the file system level...
Astra Linux - vulnerability in libvirt
A flaw was discovered in libvirt during its generation of SELinux MCS category pairs for virtual machines’ dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breach of sVirt confinement. The greatest threat posed by this vulnerability...
[SECURITY] Fedora 42 Update: cockpit-357-2.fc42
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
CVE-2026-35376
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via fts_accpath rather than binding the traversal and label application to the specific directory...
PT-2026-34497
The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind...
PT-2026-34512
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via fts_accpath rather than binding the traversal and label application to the specific director...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013295)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013295 advisory. In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of...
SUSE-SU-2026:20585-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - Enable SELinux in default daemon.json config (--selinux-enabled). This has no practical impact on non-SELinux systems (bsc#1252290). - Remove git-core recommends on SLE. Most SLE systems have installRecommends=yes by default and thus end up...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
MiracleLinux 4 : policycoreutils-2.0.83-30.1.AXS4 (AXSA:2016-915:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-915:02 advisory. Security-enhanced Linux is a feature of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access...
MiracleLinux 7 : fuse-2.9.2-11.el7 (AXSA:2019-3674:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3674:01 advisory. fuse: bypass of the user_allow_other restriction when SELinux is active (CVE-2018-10906). Tenable has extracted the preceding description block directly from the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002701)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002701 advisory. A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the...
GHSA-WWRX-W7C9-RF87 Singularity ineffectively applies selinux / apparmor LSM process labels
Impact. Native Mode (default): Singularity's default native runtime allows users to apply restrictions to container processes using the apparmor or selinux Linux Security Modules (LSMs), via the --security selinux: or --security apparmor: flags. LSM labels are written to process or thread attrs/exec...
EUVD-2001-0073
Malware in sbrugna...
EUVD-2025-25860
Malicious code in bioql PyPI...
CVE-2025-0078
In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0078
CVE-2025-0078 describes a logic error in the main function of Android's main.cpp that may bypass SELinux, enabling local elevation of privilege with no extra privileges or user interaction required. The vulnerability is categorized as EoP with a high impact, and current sources indicate the issue affe...