24 matches found
EUVD-2026-32841
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...
Security update provided in Brocade ASCG3.4.0b Base OS (OVA Deployment) for Rocky Linux Kernel
Security update provided in Brocade ASCG3.4.0b Base OS OVA Deployment for Rocky Linux Kernel CVE-2022-50673 - Linux Kernel 'ext4' Vulnerable to Use-After-Free via Improper Error Handling in 'ext4orphancleanup' CVE-2022-50865 - Linux Kernel Vulnerable to Signed Integer Overflow via Backlog Limit...
CLSA-2026-1775779453 Fix of 68 CVEs
CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 CVE-2025-39743 CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number CVE-2025-39685 CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc CVE-2025-38713 CVE-2025-38699 - scsi: bfa: Double-free fix...
ROS-20260313-73-0011
A vulnerability in the vmcitransportpacket function of the Linux operating system kernel is related to errors in variable initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
RLSA-2026:2282 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38415 kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RockyLinux 9 : kernel (RLSA-2026:2212)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2212 advisory. kernel: net: openvswitch: fix nested key length validation in the set action CVE-2025-37789 kernel: Linux kernel: irqchip/gic-v2m use-after-free...
MiracleLinux 8 : kernel-4.18.0-553.104.1.el8_10 (AXSA:2026-172:10)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-172:10 advisory. kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps...
RHEL 8 : kernel-rt (RHSA-2026:2378)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2378 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmcitransportpacket structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for informati...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps CVE-2025-40170 kernel: ipv6: use RCU in ip6xmit...
CentOS 9 : kernel-5.14.0-669.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-669.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when...
EUVD-2025-22599
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields...
SUSE CVE-2025-38403
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...
CVE-2025-38403
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...
DEBIAN-CVE-2025-38403
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...
CVE-2025-38403 vsock/vmci: Clear the vmci transport packet properly when initializing it
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...