Fedora 42 : prosody (2026-1efa008794)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1efa008794 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...

Fedora 42 : xdg-dbus-proxy (2026-adc66b374a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-adc66b374a advisory. Update the package, including fix for CVE-2026-34080. See also: upstream security advisory Tenable has extracted the preceding description block directly fro...

Fedora 44 : xdg-dbus-proxy (2026-205fd328d2)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-205fd328d2 advisory. Update the package, including fix for CVE-2026-34080. See also: upstream security advisory Tenable has extracted the preceding description block directly fro...

Fedora 42 : flatpak-builder (2026-631b9d535c)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-631b9d535c advisory. This update includes a fix for CVE-2026-39977. See also: the upstream advisory Tenable has extracted the preceding description block directly from the Fedora...

TencentOS Server 3: tomcat (TSSA-2025:0592)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0592 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

kernel: wifi: rtw89: fix null pointer access when abort scan

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan The Linux kernel CVE team has assigned CVE-2024-35946 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T...

kernel: cachefiles: fix memory leak in cachefiles_add_cache()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefilesaddcache The Linux kernel CVE team has assigned CVE-2024-26840 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T...

kernel: net/sched: flower: Fix chain template offload

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload The Linux kernel CVE team has assigned CVE-2024-26669 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T...

kernel: tracing: Ensure visibility when inserting an element into tracing_map

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap The Linux kernel CVE team has assigned CVE-2024-26645 to this issue. Upstream advisory:...

kernel: arm64: hibernate: Fix level3 translation fault in swsusp_save()

In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave The Linux kernel CVE team has assigned CVE-2024-26989 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-26989-851d@gregkh...

kernel: block: fix module reference leakage from bdev_open_by_dev error path

In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdevopenbydev error path The Linux kernel CVE team has assigned CVE-2024-35859 to this issue. Upstream advisory:...

kernel: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The Linux kernel CVE team has assigned CVE-2024-35853 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35853-869a@gregkh/T...

kernel: pstore: inode: Only d_invalidate() is needed

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed The Linux kernel CVE team has assigned CVE-2024-27389 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27389-fb3a@gregkh/T...

kernel: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING The Linux kernel CVE team has assigned CVE-2024-35976 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-35976-339b@gregkh/T...

kernel: cachefiles: fix memory leak in cachefiles_add_cache()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefilesaddcache The Linux kernel CVE team has assigned CVE-2024-26840 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T...

kernel: dmaengine: fix NULL pointer in channel unregistration function

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function The Linux kernel CVE team has assigned CVE-2023-52492 to this issue. Upstream advisory:...

kernel: tracing: Ensure visibility when inserting an element into tracing_map

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap The Linux kernel CVE team has assigned CVE-2024-26645 to this issue. Upstream advisory:...

kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget The Linux kernel CVE team has assigned CVE-2024-35898 to this issue. Upstream advisory:...

kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()

In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection The Linux kernel CVE team has assigned CVE-2024-26993 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/...

kernel: mm: swap: fix race between free_swap_and_cache() and swapoff()

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between freeswapandcache and swapoff The Linux kernel CVE team has assigned CVE-2024-26960 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T...