141 matches found
SUSE CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python's setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn't check if the...
EUVD-2026-17985
ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings...
CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
Open Neural Network Exchange 安全漏洞
Open Neural Network Exchange is an open-source ecosystem developed by Open Neural Network Exchange. It enables AI developers to choose the appropriate tools as the project evolves. Versions of Open Neural Network Exchange prior to 1.21.0 contained a security vulnerability. This vulnerability...
kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
SUSE-SU-2026:20836-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path bsc1256644. - CVE-2025-71085: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr...
kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
RHEL 8 : kernel (RHSA-2026:5689)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5689 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: BUG in pskbexpandhead as part of...
kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
ALSA-2026:3963 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: macvlan: fix possible UAF in macvlanforwardsource CVE-2026-23001 For more details about the security...
Oracle Linux 9 : kernel (ELSA-2026-3488)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3488 advisory. - migrate: correct lock ordering for hugetlb file folios Luiz Capitulino RHEL-147266 CVE-2026-23097 - ipv6: BUG in pskbexpandhead as part of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003660)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003660 advisory. An issue was discovered in xfssetattrnonsize in fs/xfs/xfsiops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003937)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003937 advisory. In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000802)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000802 advisory. The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attribute...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001601 advisory. The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests. Tenable has...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004325)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004325 advisory. In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002281 advisory. The ovlsetattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass...