3891 matches found
CVE-2023-7008 affecting package systemd for versions less than 255-20
CVE-2023-7008 affecting package systemd for versions less than 255-20. A patched version of the package is available...
freeipa: Administrative user data leaked through systemd journal
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
CVE-2024-11029 Freeipa: administrative user data leaked through systemd journal
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
CVE-2024-11029
CVE-2024-11029 is a real vulnerability affecting FreeIPA via an API audit flaw that leaks administrator credentials to systemd journal when the FreeIPA installation process logs the full command line. Connected advisories confirm affected packages (FreeIPA) across multiple distributions (e.g., Fe...
Moderate: ipa security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: Administrative user data leaked through systemd journal (CVE-2024-11029). For more details about t...
RHEL 9 : ipa (RHSA-2025:0334)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0334 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based...
CVE-2021-3997 affecting package systemd 239-42
CVE-2021-3997 affecting package systemd 239-42. This CVE either no longer is or was never applicable...
CVE-2022-4415 affecting package systemd 239-43
CVE-2022-4415 affecting package systemd 239-43. This CVE either no longer is or was never applicable...
CVE-2024-55916
The CVE-2024-55916 entry refers to a Linux kernel race where the KVP/VSS daemon may run before the VMBus ringbuffer is fully initialized. Concrete detail: a NULL pointer dereference can occur in hv_pkt_iter_first when the daemon opens /dev/vmbus/hv_kvp and registers before vmbus_open() completes...
PT-2025-23285
Name of the Vulnerable Software and Affected Versions: systemd-coredump (affected versions not specified); systemd versions prior to 252.38-1deb12u1. Description: A flaw in systemd-coredump allows an attacker to force a SUID process to crash and replace it with a non-SUID binary, giving access to the...
SUSE SLES15 / openSUSE 15 Security Update : vhostmd (SUSE-SU-2024:4416-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4416-1 advisory. Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change...
SUSE-SU-2024:4416-1 Security update for vhostmd
This update for vhostmd fixes the following issues: Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change actions to retrieve vendor and product info - Add a 'unit' attribute to the metrics element - vif-stats.py: convert to...
PT-2024-41360 · Opensuse +1 · Vhostmd
Name of the Vulnerable Software and Affected Versions: vhostmd versions prior to 1.2 Description: This update for vhostmd addresses issues including fixes for actions using the 'free' command, buffer accounting when generating metric XML, and the 'VirtualizationVendor' action to strip URLs. It al...
systemd bug fix update
An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The systemd packages contain systemd, a system and service manager for Linux,...
SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2024:4360-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4360-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: -...
SUSE-SU-2024:4319-1 Security update for docker
This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2024:4205-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4205-1 advisory. - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some...
redis:7 security update
7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstream 7.0.11 release. 7.0.10-2 - fix modules directory ownership and permissions 2176173 - drop redis-shutdown helper and rely on systemd 2181181...
Security update for docker-stable
This update for docker-stable fixes the following issues: Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. Update --add-runtime to point to correct binary path. Further merge docker and...
Race Condition
Overview: benchexec is a framework for reliable benchmarking and resource measurement. Affected versions of this package are vulnerable to Race Condition via the asynchronous StartTransientUnit method within cgroupsv2.py. An attacker could manipulate the timing of transient unit creation, leading ...