Amazon Linux 2 : golang, --advisory ALAS2-2026-3259 (ALAS-2026-3259)

The version of golang installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3259 advisory. SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at...

EUVD-2025-18593

Malicious code in bioql PyPI...

CVE-2025-38060

In the Linux kernel, the following vulnerability has been resolved: bpf: copyverifierstate should copy 'loopentry' field The bpfverifierstate.loopentry state should be copied by copyverifierstate. Otherwise, .loopentry values from unrelated states would poison env-curstate. Additionally, env-stac...

CVE-2025-38060 bpf: copy_verifier_state() should copy 'loop_entry' field

In the Linux kernel, the following vulnerability has been resolved: bpf: copyverifierstate should copy 'loopentry' field The bpfverifierstate.loopentry state should be copied by copyverifierstate. Otherwise, .loopentry values from unrelated states would poison env-curstate. Additionally, env-stac...

CVE-2025-38060

CVE-2025-38060 – Linux kernel (BPF verifier): The issue arises because copy_verifier_state() does not copy the .loop_entry field, allowing env->cur_state and env->stack to become inconsistent and potentially poison states. The fix requires copying loop_entry in copy_verifier_state() and ens...

CVE-2025-38060 bpf: copy_verifier_state() should copy 'loop_entry' field

In the Linux kernel, the following vulnerability has been resolved: bpf: copyverifierstate should copy 'loopentry' field The bpfverifierstate.loopentry state should be copied by copyverifierstate. Otherwise, .loopentry values from unrelated states would poison env-curstate. Additionally, env-stac...