Vulnerability-Lookup

CVE-2026-46333 (GCVE-0-2026-46333)

Vulnerability from cvelistv5 – Published: 2026-05-15 12:58 – Updated: 2026-05-23 16:07

Title

ptrace: slightly saner 'get_dumpable()' logic

Summary

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-269 - Improper Privilege Management

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/93d4ba49d18e3d7fb…
https://git.kernel.org/stable/c/15b828a46f305ae9f…
https://git.kernel.org/stable/c/4709234fd1b95136c…
https://git.kernel.org/stable/c/8f907d345bae8f4b3…
https://git.kernel.org/stable/c/6e5b51e74a40d377b…
https://git.kernel.org/stable/c/2a93a4fac7b6051d3…
https://git.kernel.org/stable/c/01363cb3fbd0238ff…
https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 15b828a46f305ae9f05a7c16914b3ce273474205 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 4709234fd1b95136ceb789f639b1e7ea5de1b181 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 8f907d345bae8f4b3f004c5abc56bf2dfb851ea7 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 2a93a4fac7b6051d3be7cd1b015fe7320cd0404d (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 01363cb3fbd0238ffdeb09f53e9039c9edf8a730 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a (git) Affected: d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12 (git) Affected: 03eed7afbc09e061f66b448daf7863174c3dc3f3 (git) Affected: e45692fa1aea06676449b63ef3c2b6e1e72b7578 (git) Affected: 694a95fa6dae4991f16cda333d897ea063021fed (git) Affected: 3.16.52 , < 3.17 (semver) Affected: 4.4.40 , < 4.5 (semver) Affected: 4.8.16 , < 4.9 (semver) Affected: 4.9.1 , < 4.10 (semver)
Linux	Linux	Affected: 4.10 Unaffected: 0 , < 4.10 (semver) Unaffected: 5.10.256 , ≤ 5.10.* (semver) Unaffected: 5.15.207 , ≤ 5.15.* (semver) Unaffected: 6.1.173 , ≤ 6.1.* (semver) Unaffected: 6.6.139 , ≤ 6.6.* (semver) Unaffected: 6.12.89 , ≤ 6.12.* (semver) Unaffected: 6.18.31 , ≤ 6.18.* (semver) Unaffected: 7.0.8 , ≤ 7.0.* (semver) Unaffected: 7.1-rc4 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-20T18:47:13.604Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/15/9"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/20/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/20/16"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-46333",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-22T03:55:24.391Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/sched.h",
            "kernel/exit.c",
            "kernel/ptrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "15b828a46f305ae9f05a7c16914b3ce273474205",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "4709234fd1b95136ceb789f639b1e7ea5de1b181",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "8f907d345bae8f4b3f004c5abc56bf2dfb851ea7",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "2a93a4fac7b6051d3be7cd1b015fe7320cd0404d",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "01363cb3fbd0238ffdeb09f53e9039c9edf8a730",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "lessThan": "31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
              "status": "affected",
              "version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "03eed7afbc09e061f66b448daf7863174c3dc3f3",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "e45692fa1aea06676449b63ef3c2b6e1e72b7578",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "694a95fa6dae4991f16cda333d897ea063021fed",
              "versionType": "git"
            },
            {
              "lessThan": "3.17",
              "status": "affected",
              "version": "3.16.52",
              "versionType": "semver"
            },
            {
              "lessThan": "4.5",
              "status": "affected",
              "version": "4.4.40",
              "versionType": "semver"
            },
            {
              "lessThan": "4.9",
              "status": "affected",
              "version": "4.8.16",
              "versionType": "semver"
            },
            {
              "lessThan": "4.10",
              "status": "affected",
              "version": "4.9.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/sched.h",
            "kernel/exit.c",
            "kernel/ptrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.256",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.207",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.173",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.89",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.31",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1-rc4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.256",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.207",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.173",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.139",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.89",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.31",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.8",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1-rc4",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.16.52",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.4.40",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.8.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.9.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T16:07:12.401Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6"
        },
        {
          "url": "https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205"
        },
        {
          "url": "https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d"
        },
        {
          "url": "https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730"
        },
        {
          "url": "https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
        }
      ],
      "title": "ptrace: slightly saner \u0027get_dumpable()\u0027 logic",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-46333",
    "datePublished": "2026-05-15T12:58:44.599Z",
    "dateReserved": "2026-05-13T15:03:33.113Z",
    "dateUpdated": "2026-05-23T16:07:12.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-46333",
      "date": "2026-05-24",
      "epss": "9e-05",
      "percentile": "0.00874"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-46333\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-05-15T14:16:35.793\",\"lastModified\":\"2026-05-21T14:16:48.910\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\\n\\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\\nthe task - the concept comes from whether it can core dump or not - and\\nmakes no sense when you don\u0027t have an associated mm.\\n\\nAnd almost all users do in fact use it only for the case where the task\\nhas a mm pointer.\\n\\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\\ncheck various other things entirely independently of the MM (typically\\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\\nthreads that no longer have a VM (and maybe never did, like most kernel\\nthreads).\\n\\nIt\u0027s not what this flag was designed for, but it is what it is.\\n\\nThe ptrace code does check that the uid/gid matches, so you do have to\\nbe uid-0 to see kernel thread details, but this means that the\\ntraditional \\\"drop capabilities\\\" model doesn\u0027t make any difference for\\nthis all.\\n\\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\\nMM pointer, we\u0027ll use a cached \\\"last dumpability\\\" flag if the thread\\never had a MM (it will be zero for kernel threads since it is never\\nset), and require a proper CAP_SYS_PTRACE capability to override.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/15/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/20/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/20/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/15/9\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/20/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/20/16\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-20T18:47:13.604Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46333\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-21T12:57:16.275566Z\"}}}], \"references\": [{\"url\": \"https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-18T12:53:39.616Z\"}}], \"cna\": {\"title\": \"ptrace: slightly saner \u0027get_dumpable()\u0027 logic\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"15b828a46f305ae9f05a7c16914b3ce273474205\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"4709234fd1b95136ceb789f639b1e7ea5de1b181\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"01363cb3fbd0238ffdeb09f53e9039c9edf8a730\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"03eed7afbc09e061f66b448daf7863174c3dc3f3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"e45692fa1aea06676449b63ef3c2b6e1e72b7578\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"694a95fa6dae4991f16cda333d897ea063021fed\", \"versionType\": \"git\"}], \"programFiles\": [\"include/linux/sched.h\", \"kernel/exit.c\", \"kernel/ptrace.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.10\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.256\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.207\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.173\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.139\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.89\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.31\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.*\"}, {\"status\": \"unaffected\", \"version\": \"7.1-rc4\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"include/linux/sched.h\", \"kernel/exit.c\", \"kernel/ptrace.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\"}, {\"url\": \"https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205\"}, {\"url\": \"https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181\"}, {\"url\": \"https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\"}, {\"url\": \"https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\"}, {\"url\": \"https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\"}, {\"url\": \"https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730\"}, {\"url\": \"https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\\n\\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\\nthe task - the concept comes from whether it can core dump or not - and\\nmakes no sense when you don\u0027t have an associated mm.\\n\\nAnd almost all users do in fact use it only for the case where the task\\nhas a mm pointer.\\n\\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\\ncheck various other things entirely independently of the MM (typically\\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\\nthreads that no longer have a VM (and maybe never did, like most kernel\\nthreads).\\n\\nIt\u0027s not what this flag was designed for, but it is what it is.\\n\\nThe ptrace code does check that the uid/gid matches, so you do have to\\nbe uid-0 to see kernel thread details, but this means that the\\ntraditional \\\"drop capabilities\\\" model doesn\u0027t make any difference for\\nthis all.\\n\\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\\nMM pointer, we\u0027ll use a cached \\\"last dumpability\\\" flag if the thread\\never had a MM (it will be zero for kernel threads since it is never\\nset), and require a proper CAP_SYS_PTRACE capability to override.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.256\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.207\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.173\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.139\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.89\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.31\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0.8\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.1-rc4\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"3.16.52\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.4.40\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.8.16\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.9.1\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-20T16:08:13.343Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-46333\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-22T03:55:24.391Z\", \"dateReserved\": \"2026-05-13T15:03:33.113Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-05-15T12:58:44.599Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

alsa-2026:19664

Vulnerability from osv_almalinux

Published

2026-05-20 00:00

Modified

2026-05-20 17:50

Summary

Important: kernel-rt security update

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2026:19664	ADVISORY
	https://access.redhat.com/security/cve/CVE-2026-46300	REPORT
	https://access.redhat.com/security/cve/CVE-2026-46333	REPORT
	https://bugzilla.redhat.com/2477015	REPORT
	https://bugzilla.redhat.com/2477802	REPORT
	https://errata.almalinux.org/8/ALSA-2026-19664.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.rt7.466.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.  \n\nSecurity Fix(es):  \n\n  * kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n  * kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2026:19664",
  "modified": "2026-05-20T17:50:04Z",
  "published": "2026-05-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:19664"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-46300"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-46333"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2477015"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2477802"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2026-19664.html"
    }
  ],
  "related": [
    "CVE-2026-46300",
    "CVE-2026-46333"
  ],
  "summary": "Important: kernel-rt security update"
}

alsa-2026:19666

Vulnerability from osv_almalinux

Published

2026-05-20 00:00

Modified

2026-05-20 17:51

Summary

Important: kernel security update

Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2026:19666	ADVISORY
	https://access.redhat.com/security/cve/CVE-2026-46300	REPORT
	https://access.redhat.com/security/cve/CVE-2026-46333	REPORT
	https://bugzilla.redhat.com/2477015	REPORT
	https://bugzilla.redhat.com/2477802	REPORT
	https://errata.almalinux.org/8/ALSA-2026-19666.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "bpftool"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-abi-stablelists"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-cross-headers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-doc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-headers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-zfcpdump"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-zfcpdump-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-zfcpdump-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-zfcpdump-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-zfcpdump-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "perf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-perf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.125.1.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.  \n\nSecurity Fix(es):  \n\n  * kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n  * kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2026:19666",
  "modified": "2026-05-20T17:51:05Z",
  "published": "2026-05-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:19666"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-46300"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-46333"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2477015"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2477802"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2026-19666.html"
    }
  ],
  "related": [
    "CVE-2026-46300",
    "CVE-2026-46333"
  ],
  "summary": "Important: kernel security update"
}

CERTFR-2026-AVI-0623

Vulnerability from certfr_avis - Published: 2026-05-20 - Updated: 2026-05-21

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service.

Microsoft indique que les vulnérabilités CVE-2026-41091 et CVE-2026-45498 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	azl3 kernel-hwe 6.12.0.0-1 versions antérieures à 6.12.89.1-1
Microsoft	N/A	azl3 python-urllib3 2.0.7-4 versions antérieures à 2.0.7-5
Microsoft	N/A	Microsoft Malware Protection Engine
Microsoft	N/A	azl3 vim 9.2.0392-1 versions antérieures à 9.2.0488-1
Microsoft	N/A	azl3 kernel 6.6.138.1-1
Microsoft	N/A	azl3 openvswitch 3.3.0-2 versions antérieures à 3.3.0-3
Microsoft	N/A	Microsoft Defender Antimalware Platform

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-46333	2026-05-16	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-45498	2026-05-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-34956	2026-05-15	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-44431	2026-05-16	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-45584	2026-05-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-46483	2026-05-17	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-41091	2026-05-19	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "azl3 kernel-hwe 6.12.0.0-1 versions ant\u00e9rieures \u00e0 6.12.89.1-1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 python-urllib3 2.0.7-4 versions ant\u00e9rieures \u00e0 2.0.7-5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Malware Protection Engine",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 vim 9.2.0392-1 versions ant\u00e9rieures \u00e0 9.2.0488-1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.138.1-1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 openvswitch 3.3.0-2 versions ant\u00e9rieures \u00e0 3.3.0-3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Defender Antimalware Platform",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-34956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34956"
    },
    {
      "name": "CVE-2026-45584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-45584"
    },
    {
      "name": "CVE-2026-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41091"
    },
    {
      "name": "CVE-2026-46483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46483"
    },
    {
      "name": "CVE-2026-46333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
    },
    {
      "name": "CVE-2026-44431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
    },
    {
      "name": "CVE-2026-45498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-45498"
    }
  ],
  "initial_release_date": "2026-05-20T00:00:00",
  "last_revision_date": "2026-05-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0623",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-20T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de s\u00e9curit\u00e9 CVE-2026-46333.",
      "revision_date": "2026-05-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2026-41091 et CVE-2026-45498 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46333",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46333"
    },
    {
      "published_at": "2026-05-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45498",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-34956",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34956"
    },
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-44431",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44431"
    },
    {
      "published_at": "2026-05-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45584",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45584"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46483",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46483"
    },
    {
      "published_at": "2026-05-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-41091",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091"
    }
  ]
}

CERTFR-2026-AVI-0636

Vulnerability from certfr_avis - Published: 2026-05-22 - Updated: 2026-05-22

Une vulnérabilité a été découverte dans le noyau Linux de Debian LTS. Elle permet à un attaquant de provoquer une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Debian	Debian	Debian 11 bullseye versions antérieures à 6.1.172-1~deb11u1
	Debian	Debian	Debian 11 bullseye versions antérieures à 5.10.251-5

References

Title

Publication Time

Tags

Bulletin de sécurité Debian LTS msg00032	2026-05-16	vendor-advisory
Bulletin de sécurité Debian LTS msg00035	2026-05-19	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Debian 11 bullseye versions ant\u00e9rieures \u00e0 6.1.172-1~deb11u1",
      "product": {
        "name": "Debian",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    },
    {
      "description": "Debian 11 bullseye versions ant\u00e9rieures \u00e0 5.10.251-5",
      "product": {
        "name": "Debian",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-46333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
    }
  ],
  "initial_release_date": "2026-05-22T00:00:00",
  "last_revision_date": "2026-05-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0636",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le noyau Linux de Debian LTS. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux de Debian LTS",
  "vendor_advisories": [
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian LTS msg00032",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html"
    },
    {
      "published_at": "2026-05-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian LTS msg00035",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html"
    }
  ]
}

CERTFR-2026-AVI-0637

Vulnerability from certfr_avis - Published: 2026-05-22 - Updated: 2026-05-22

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Debian	Debian	Debian trixie versions antérieures à 6.12.88-1.
	Debian	Debian	Debian bookworm versions antérieures à 6.1.172-1.

References

Title

Publication Time

Tags

Bulletin de sécurité Debian msg00185	2026-05-15	vendor-advisory
Bulletin de sécurité Debian msg00186	2026-05-15	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.88-1.\n",
      "product": {
        "name": "Debian",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    },
    {
      "description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.172-1.\n",
      "product": {
        "name": "Debian",
        "vendor": {
          "name": "Debian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-43220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43220"
    },
    {
      "name": "CVE-2026-43490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43490"
    },
    {
      "name": "CVE-2026-46333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
    },
    {
      "name": "CVE-2026-43109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43109"
    },
    {
      "name": "CVE-2026-31499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31499"
    },
    {
      "name": "CVE-2026-43088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43088"
    }
  ],
  "initial_release_date": "2026-05-22T00:00:00",
  "last_revision_date": "2026-05-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0637",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
  "vendor_advisories": [
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian msg00185",
      "url": "https://lists.debian.org/debian-security-announce/2026/msg00185.html"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Debian msg00186",
      "url": "https://lists.debian.org/debian-security-announce/2026/msg00186.html"
    }
  ]
}

CERTFR-2026-AVI-0639

Vulnerability from certfr_avis - Published: 2026-05-22 - Updated: 2026-05-22

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	SUSE Linux Micro Extras 6.0
SUSE	N/A	Public Cloud Module 15-SP7
SUSE	N/A	SUSE Linux Enterprise Micro 5.3
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP7
SUSE	N/A	SUSE Manager Proxy 4.3
SUSE	N/A	SUSE Linux Micro 6.1
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 15 SP7
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	N/A	SUSE Linux Micro 6.0
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP4
SUSE	N/A	Legacy Module 15-SP7
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP7
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP4
SUSE	N/A	SUSE Manager Retail Branch Server 4.3
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5 LTSS
SUSE	N/A	SUSE Linux Enterprise Desktop 15 SP7
SUSE	N/A	SUSE Linux Enterprise Server High Availability Extension 16.0
SUSE	N/A	openSUSE Leap 15.4
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP7
SUSE	N/A	openSUSE Leap 15.5
SUSE	N/A	SUSE Manager Server 4.3
SUSE	N/A	SUSE Linux Micro Extras 6.1
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP6
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP7
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP7
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP6 LTSS
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4 LTSS
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP6
SUSE	N/A	openSUSE Leap 15.6
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5 LTSS
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
SUSE	N/A	Development Tools Module 15-SP7
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro 5.4
SUSE	N/A	Basesystem Module 15-SP7
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP6
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP6
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
SUSE	N/A	SUSE Linux Enterprise Server 15 SP6
SUSE	N/A	SUSE Real Time Module 15-SP7
SUSE	N/A	SUSE Linux Enterprise Micro 5.5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2026:21645-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1885-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1909-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1960-1	2026-05-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1997-1	2026-05-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1905-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21638-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1906-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21624-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1899-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21684-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1917-1	2026-05-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1878-1	2026-05-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1873-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1959-1	2026-05-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21690-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21674-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21639-1	2026-05-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21643-1	2026-05-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1907-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1900-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1904-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1978-1	2026-05-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21644-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21642-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21623-1	2026-05-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21636-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21616-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1896-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1877-1	2026-05-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1908-1	2026-05-17	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21646-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1880-1	2026-05-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21625-1	2026-05-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21622-1	2026-05-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1875-1	2026-05-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:21632-1	2026-05-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2026:1994-1	2026-05-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Micro Extras 6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Public Cloud Module 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Micro 6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Micro 6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Legacy Module 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server High Availability Extension 16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Micro Extras 6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP6 LTSS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Development Tools Module 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Basesystem Module 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Real Time Module 15-SP7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-43284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
    },
    {
      "name": "CVE-2026-43500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43500"
    },
    {
      "name": "CVE-2026-46300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
    },
    {
      "name": "CVE-2025-54518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54518"
    },
    {
      "name": "CVE-2026-46333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
    }
  ],
  "initial_release_date": "2026-05-22T00:00:00",
  "last_revision_date": "2026-05-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0639",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21645-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621645-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1885-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261885-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1909-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261909-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1960-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261960-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1997-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261997-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1905-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261905-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21638-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621638-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1906-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261906-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21624-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621624-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1899-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261899-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21684-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621684-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1917-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261917-1"
    },
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1878-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261878-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1873-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261873-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1959-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261959-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21690-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621690-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21674-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621674-1"
    },
    {
      "published_at": "2026-05-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21639-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621639-1"
    },
    {
      "published_at": "2026-05-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21643-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621643-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1907-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261907-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1900-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261900-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1904-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261904-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1978-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261978-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21644-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621644-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21642-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621642-1"
    },
    {
      "published_at": "2026-05-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21623-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621623-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21636-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621636-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21616-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621616-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1896-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261896-1"
    },
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1877-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261877-1"
    },
    {
      "published_at": "2026-05-17",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1908-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261908-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21646-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621646-1"
    },
    {
      "published_at": "2026-05-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1880-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261880-1"
    },
    {
      "published_at": "2026-05-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21625-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621625-1"
    },
    {
      "published_at": "2026-05-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21622-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621622-1"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1875-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261875-1"
    },
    {
      "published_at": "2026-05-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21632-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621632-1"
    },
    {
      "published_at": "2026-05-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1994-1",
      "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261994-1"
    }
  ]
}

CERTFR-2026-AVI-0640

Vulnerability from certfr_avis - Published: 2026-05-22 - Updated: 2026-05-22

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat	N/A	Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat	N/A	Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat	N/A	Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat	N/A	Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
Red Hat	N/A	Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Red Hat	N/A	Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat	N/A	Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat	N/A	Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat	N/A	Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat	N/A	Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
Red Hat	N/A	Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x
Red Hat	N/A	Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat	N/A	Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for Real Time 8 x86_64
Red Hat	N/A	Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat	N/A	Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat	N/A	Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2026:19711	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19664	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19521	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19540	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19875	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:20130	2026-05-21	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19705	2026-05-20	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:17795	2026-05-15	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:20051	2026-05-21	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:20299	2026-05-21	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2026:19666	2026-05-20	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server - AUS 8.6 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server - TUS 8.6 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server - TUS 8.8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server - AUS 8.4 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for ARM 64 10 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-43284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
    },
    {
      "name": "CVE-2026-23401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2026-23191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
    },
    {
      "name": "CVE-2025-21999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
    },
    {
      "name": "CVE-2026-46300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
    },
    {
      "name": "CVE-2026-23243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23243"
    },
    {
      "name": "CVE-2026-31419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31419"
    },
    {
      "name": "CVE-2026-31532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31532"
    },
    {
      "name": "CVE-2026-46333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
    },
    {
      "name": "CVE-2025-71238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71238"
    }
  ],
  "initial_release_date": "2026-05-22T00:00:00",
  "last_revision_date": "2026-05-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0640",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Red Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
  "vendor_advisories": [
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19711",
      "url": "https://access.redhat.com/errata/RHSA-2026:19711"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19664",
      "url": "https://access.redhat.com/errata/RHSA-2026:19664"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19521",
      "url": "https://access.redhat.com/errata/RHSA-2026:19521"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19540",
      "url": "https://access.redhat.com/errata/RHSA-2026:19540"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19875",
      "url": "https://access.redhat.com/errata/RHSA-2026:19875"
    },
    {
      "published_at": "2026-05-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:20130",
      "url": "https://access.redhat.com/errata/RHSA-2026:20130"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19705",
      "url": "https://access.redhat.com/errata/RHSA-2026:19705"
    },
    {
      "published_at": "2026-05-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:17795",
      "url": "https://access.redhat.com/errata/RHSA-2026:17795"
    },
    {
      "published_at": "2026-05-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:20051",
      "url": "https://access.redhat.com/errata/RHSA-2026:20051"
    },
    {
      "published_at": "2026-05-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:20299",
      "url": "https://access.redhat.com/errata/RHSA-2026:20299"
    },
    {
      "published_at": "2026-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2026:19666",
      "url": "https://access.redhat.com/errata/RHSA-2026:19666"
    }
  ]
}

FKIE_CVE-2026-46333

Vulnerability from fkie_nvd - Published: 2026-05-15 14:16 - Updated: 2026-05-21 14:16

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/05/15/9
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/05/20/14
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/05/20/16
	af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html
	af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override."
    }
  ],
  "id": "CVE-2026-46333",
  "lastModified": "2026-05-21T14:16:48.910",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-15T14:16:35.793",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/15/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/20/14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/20/16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-PM8F-4P6P-6X53

Vulnerability from github – Published: 2026-05-15 15:30 – Updated: 2026-05-20 21:31

Details

In the Linux kernel, the following vulnerability has been resolved:

ptrace: slightly saner 'get_dumpable()' logic

The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm.

And almost all users do in fact use it only for the case where the task has a mm pointer.

But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads).

It's not what this flag was designed for, but it is what it is.

The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all.

Make it all make a bit more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-46333"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-15T14:16:35Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
  "id": "GHSA-pm8f-4p6p-6x53",
  "modified": "2026-05-20T21:31:29Z",
  "published": "2026-05-15T15:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/15/9"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/20/14"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/20/16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2026-46333

Vulnerability from csaf_microsoft - Published: 2026-05-02 00:00 - Updated: 2026-05-21 01:01

Summary

ptrace: slightly saner 'get_dumpable()' logic

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-46333

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 21346-17084		—
Unresolved product id: 21332-17084		—

Known affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—	Vendor Fix fix
Unresolved product id: 17084-2		—

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-46333 ptrace: slightly saner \u0027get_dumpable()\u0027 logic - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-46333.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "ptrace: slightly saner \u0027get_dumpable()\u0027 logic",
    "tracking": {
      "current_release_date": "2026-05-21T01:01:46.000Z",
      "generator": {
        "date": "2026-05-21T07:12:27.334Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-46333",
      "initial_release_date": "2026-05-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-05-16T01:05:42.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2026-05-16T14:39:18.000Z",
          "legacy_version": "2",
          "number": "2",
          "summary": "Information published."
        },
        {
          "date": "2026-05-21T01:01:46.000Z",
          "legacy_version": "3",
          "number": "3",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kernel-hwe 0:6.12.0.0-1.azl3",
                "product": {
                  "name": "\u003cazl3 kernel-hwe 0:6.12.0.0-1.azl3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kernel-hwe 0:6.12.0.0-1.azl3",
                "product": {
                  "name": "azl3 kernel-hwe 0:6.12.0.0-1.azl3",
                  "product_id": "21346"
                }
              }
            ],
            "category": "product_name",
            "name": "kernel-hwe"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kernel 0:6.6.138.1-1.azl3",
                "product": {
                  "name": "\u003cazl3 kernel 0:6.6.138.1-1.azl3",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kernel 0:6.6.138.1-1.azl3",
                "product": {
                  "name": "azl3 kernel 0:6.6.138.1-1.azl3",
                  "product_id": "21332"
                }
              }
            ],
            "category": "product_name",
            "name": "kernel"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kernel-hwe 0:6.12.0.0-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kernel-hwe 0:6.12.0.0-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "21346-17084"
        },
        "product_reference": "21346",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kernel 0:6.6.138.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "17084-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kernel 0:6.6.138.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "21332-17084"
        },
        "product_reference": "21332",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-46333",
      "notes": [
        {
          "category": "general",
          "text": "Linux",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "21346-17084",
          "21332-17084"
        ],
        "known_affected": [
          "17084-1",
          "17084-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-46333 ptrace: slightly saner \u0027get_dumpable()\u0027 logic - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-46333.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-16T01:05:42.000Z",
          "details": "0:6.12.89.1-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "title": "ptrace: slightly saner \u0027get_dumpable()\u0027 logic"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-46333 (GCVE-0-2026-46333)

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Solutions

Solutions

Solutions

Solutions

Solutions

Tags

Sightings

Nomenclature