172 matches found
RHSA-2025:0880 Red Hat Security Advisory: tuned security update
Bulletin has no description...
RHSA-2025:0881 Red Hat Security Advisory: tuned security update
Bulletin has no description...
RHSA-2025:0879 Red Hat Security Advisory: tuned security update
Bulletin has no description...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
Important: Red Hat Security Advisory: tuned security update
An update for tuned is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: tuned security update
An update for tuned is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root
A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root
A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
Important: Red Hat Security Advisory: tuned security update
An update for tuned is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : tuned (RHSA-2025:0880)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0880 advisory. The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitizatio...
RHEL 9 : tuned (RHSA-2025:0879)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0879 advisory. The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitizatio...
RHEL 7 : tuned (RHSA-2025:0881)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0881 advisory. The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitization of...
RHSA-2025:0368 Red Hat Security Advisory: tuned security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: tuned security update
An update for tuned is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...
RHEL 8 : tuned (RHSA-2025:0368)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0368 advisory. The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitization of...
RHSA-2025:0327 Red Hat Security Advisory: tuned security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: tuned security update
An update for tuned is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...