275 matches found
SUSE SLED15 / SLES15 Security Update : rsync (SUSE-SU-2026:2038-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2038-1 advisory. This update for rsync fixes the following issues - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. -...
Security update for rsync
This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: Count of entries mismatch can lead to a use-after-free bsc1262223 CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619
Rsync
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
UBUNTU-CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to a non-failure path. Our syzbot instance reported memory leaks in doseccomp 0, similar to the reports 1. This indicates that we fail to free the struct seccompfilter and some objects included within it...
CVE-2026-31483 s390/syscalls: Add spectre boundary for syscall dispatch table
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1515)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1515 advisory. In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been...
audit: add missing syscalls to read class
...
CVE-2026-23241
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...
CVE-2026-23241
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...
Linux Distros Unpatched Vulnerability : CVE-2026-23241
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - audit: add missing syscalls to read class The at variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a...
CVE-2026-23241
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...
Fedora 43 : perl-Crypt-URandom (2026-88f1155b8b)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-88f1155b8b advisory. This release fixes CVE-2026-2474 a heap buffer overflow and handling failed read syscalls. Tenable has extracted the preceding description block...
Fedora: Security Advisory (FEDORA-2026-b0bf6e9c9b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-50661
The CVE-2022-50661 entry refers to a Linux kernel seccomp memory-leak in do_seccomp, where struct seccomp_filter and related objects were not freed in a failure path. The issue stems from where copy_seccomp() is released; a prior change moved release to a different path. The documented fix moves ...
PT-2025-49692
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the seccomp implementation where memory leaks occurred in the do seccomp function. A syzbot instance identified unreferenced objects, including secco...
CVE-2025-40287
CVE-2025-40287 : In the Linux kernel exFAT code, an improper validation of dentry.stream.valid_size can cause an infinite loop, enabling a Denial-of-Service (DoS) when issuing SYS_openat, SYS_ftruncate, or SYS_pwrite64 on a malformed exFAT dentry. Root cause: the size check in exfat_find() did no...
[SECURITY] Fedora 41 Update: oci-seccomp-bpf-hook-1.2.10-8.fc41
OCI Hook to generate seccomp json files based on EBF syscalls used by contain er oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...