SUSE SLES12 Security Update : kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:0700-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0700-1 advisory. This update for the SUSE Linux Enterprise kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: -...

EUVD-2022-55082

In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...

EUVD-2019-8396

Malware in sbrugna...

EUVD-2017-18200

Malware in sbrugna...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20609)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20609 advisory. - HID: core: do not bypass hidhwrawrequest Benjamin Tissoires Orabug: 38454666 CVE-2025-38494 - vsock: Do not allow binding to VMADDRPORTANY Budim...

CVE-2025-38209

CVE-2025-38209 is rooted in the Linux kernel nvme-tcp admin queue setup path. The patch sequence called nvme_tcp_configure_admin_queue() twice during nvme_tcp_setup_ctrl(): the first call (new=true) succeeds to prepare for DH-CHAP negotiation; the second call (new=false) is needed for secure conc...

CVE-2025-38209 nvme-tcp: remove tag set when second admin queue config fails

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

Linux Distros Unpatched Vulnerability : CVE-2024-53206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced...

Linux Distros Unpatched Vulnerability : CVE-2024-47684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and...

Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46737)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46737 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands...

SUSE SLES15 Security Update : kernel (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:4227-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4227-1 advisory. This update for the Linux Kernel 5.14.21-1505005539 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic...

Memory corruption

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server WAS 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak...

CVE-2007-3262

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server WAS 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak...