437 matches found
PT-2025-37876
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was identified in the UBI Unsorted Block Images module within the Linux kernel, specifically within the ubi resize volume function. The issue stems from a mismatch betwee...
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
...
Linux Distros Unpatched Vulnerability : CVE-2023-52449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.14 LTS and 12.14.0 addresses the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
USN-7651-6 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...
USN-7651-5 linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...
USN-7651-4 linux-gcp, linux-gcp-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...
USN-7651-2 linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...
Security Bulletin: IBM Storage Ceph is vulnerable to Reachable Assertion in the RHEL UBI (CVE-2024-33601)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33601. Vulnerability Details CVEID:CVE-2024-33601 DESCRIPTION: nscd: netgroup cache may terminate daemon on memory allocatio...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer in the RHEL UBI (CVE-2024-33599)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33599. Vulnerability Details CVEID:CVE-2024-33599 DESCRIPTION: nscd: Stack-based buffer overflow in netgroup cache If the Na...
Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in the RHEL UBI (CVE-2024-25062, CVE-2023-39615, CVE-2023-45322)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-25062, CVE-2023-39615, CVE-2023-45322. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable t...
Security Bulletin: IBM Storage Ceph is vulnerable to Insecure Inherited Permissions in the RHEL UBI (CVE-2024-22365)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2024-22365 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2024-22365 DESCRIPTION: linux-pam aka Linux PAM before 1.6.0 allows attackers to cause...
Security Bulletin: IBM Storage Ceph is vulnerable to Race Condition in the RHEL UBI (CVE-2023-3758)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-3758 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-3758 DESCRIPTION: A race condition flaw was found in sssd where the GPO policy is...
Security Bulletin: IBM Storage Ceph is vulnerable to Channel Accessible by Non-Endpoint in the RHEL UBI (CVE-2023-7008)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-7008 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-7008 DESCRIPTION: systemd is vulnerable to a man-in-the-middle attack, caused by a...
Security Bulletin: IBM Storage Ceph is vulnerable to zip-bombs leading to denial of service in the RHEL UBI (CVE-2024-0450)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2024-0450 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2024-0450 DESCRIPTION: An issue was found in the CPython zipfile module affecting...
Security Bulletin: IBM Storage Ceph is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in the RHEL UBI (CVE-2022-4415)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2022-4415 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2022-4415 DESCRIPTION: systemd could allow a local authenticated attacker to obtain...
Security Bulletin: IBM Storage Ceph is vulnerable to Unchecked Return Value in the RHEL UBI (CVE-2023-6918)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-6918 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-6918 DESCRIPTION: A flaw was found in the libssh implements abstract layer for...
Security Bulletin: IBM Storage Ceph is vulnerable to Command Injection in the RHEL UBI (CVE-2020-15778)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2020-15778 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2020-15778 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary...
Security Bulletin: Multiple security vulnerabilities in Vite affect IBM Robotic Process Automation (CVE-2025-31125, CVE-2025-32395, CVE-2025-31486).
Summary Multiple security vulnerabilities in Vite affect IBM Robotic Process Automation CVE-2025-31125, CVE-2025-32395, CVE-2025-31486. Vite is used by IBM Robotic Process Automation as part of the UI framework. This bulletin identifies the fixes required to address these vulnerabilities...
Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak
Summary Multiple vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address the vulnerabilites. Vulnerability Details...