Linux Distros Unpatched Vulnerability : CVE-2026-46104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperm...

EUVD-2026-32863

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

CVE-2026-46104

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

CVE-2026-46104

CVE-2026-46104 affects the Linux kernel where SELinux socket state is stored in the composite LSM socket blob. The vulnerability arises in sock_has_perm() and nlmsg_sock_has_extended_perms(), which currently dereference sk->sk_security directly, assuming the SELinux blob is at offset zero. In ...

CVE-2026-46104

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the SELinux socket permission helper function directly dereferencing sk-sksecurity. Assuming that the...

PT-2026-43715

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aa sock file perm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unix needs revalidation...

CVE-2026-45848

apparmor: fix NULL sock in aasockfileperm...

EUVD-2014-0406

Malware in sbrugna...

EUVD-2014-2928

Malware in sbrugna...

OESA-2025-1786 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security vulnerability in cloud-init...

OESA-2025-1784 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security vulnerability in cloud-init...

cloud-init 安全漏洞

cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization open-sourced by Canonical. A security vulnerability exists in cloud-init version 25.1.2 and earlier, which stems from the default SocketMode permission of 0666 for...

CVE-2020-5895

On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. A local system attacker can make AVRD segmentation fault SIGSEGV by writing malformed...

USN-4185-2 linux-azure vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2019:0556-1)

This update for sssd fixes the following issues : Security vulnerabilities addressed : Fix fallbackhomedir returning '/' for empty home directories CVE-2019-3811 bsc1121759 Create sockets with right permissions bsc1098377, CVE-2018-10852 Other bug fixes and changes: Install logrotate configuratio...

Debian DSA-2943-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development : - CVE-2014-0185 The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability CVE-2014-0185 in PHP FPM that allowed any...

[SECURITY] [DSA 2943-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2943-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 01, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2943-1 (php5 - security update)

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development: CVE-2014-0185The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability CVE-2014-0185 in PHP FPM that allowed any local...

Fedora 19 : php-5.5.12-1.fc19 (2014-5984)

Notice: to fix CVE-2014-0185 this version change default php-fpm unix domain socket permission to 660 instead of 666. Check your configuration if php-fpm use UDS default configuration use a network socket. Upstream Changelog: 01 May 2014, PHP 5.5.12 Core : - Fixed bug 61019 Out of memory on comma...