Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Drivers core;
– Ext4 file system;
– JFS file system;
– Network namespace;
– CAIF protocol;
– Networking core;
– IPv6 networking;
(CVE-2024-56658, CVE-2021-47119, CVE-2024-56600, CVE-2021-47122,
CVE-2021-47483, CVE-2024-56595)
Kubernetes Ingress-nginx Controller RCE
What is the Vulnerability?

On March 24, researchers disclosed a set of five vulnerabilities, collectively known as “IngressNightmare,” affecting Ingress-nginx, one of the most popular ingress controllers available for Kubernetes. Using Ingress-NGINX is one of the most common methods for exposing Kubernetes applications externally.

CVE-2025-1974 is considered the most serious of the five and has been assigned a CVSS score of 9.8 (critical). When chained with one of the lower-severity vulnerabilities, it allows for unauthenticated remote code execution. Exploitation could result in the exposure of sensitive information that the controller can access. Consequently, unauthenticated attackers could compromise the system by executing unauthorized code.

What is the recommended Mitigation?

Kubernetes has responded publicly to the disclosure of CVE-2025-1974, encouraging users to install the patches released by the Ingress-nginx team, which remediate CVE-2025-1974 and all five of the listed vulnerabilities: https://github.com/kubernetes/ingress-nginx/releases

FortiGuard Labs recommends that users follow the instructions and mitigation steps in the vendor’s advisory, as well as the additional mitigation guidance: Ingress-nginx CVE-2025-1974: What You Need to Know | Kubernetes

- First, determine whether your clusters are using ingress-nginx.
- Enforce strict network policies so that only the Kubernetes API Server can access the admission controller.
- Temporarily disable the admission controller component of Ingress-NGINX if you cannot upgrade right away.

What FortiGuard Coverage is available?

Lacework FortiCNAPP has available Continuous Security and Posture Analysis: How does Lacework FortiCNAPP Protect from… – Fortinet Community

- Behavior Anomaly Detection flags, such as unexplained container processes and suspicious user activities, aligning with CVE-2025-1974.
- Posture analysis that detects high-risk Kubernetes settings, such as enabled snippet annotations, and identifies additional misconfigurations (e.g. privileged containers or open service ports).

The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

FortiGuard Labs will provide updates as more information becomes available.
perl-Compress-Raw-Lzma-2.212-6.fc41 xz-5.8.1-1.fc41.1
FEDORA-2025-051becf4f2
Packages in this update:
perl-Compress-Raw-Lzma-2.212-6.fc41
xz-5.8.1-1.fc41.1
Update description:
xz 5.8.1
perl-Compress-Raw-Lzma-2.209-9.fc40 xz-5.8.1-1.1.fc40
FEDORA-2025-4871b31998
Packages in this update:
perl-Compress-Raw-Lzma-2.209-9.fc40
xz-5.8.1-1.1.fc40
Update description:
xz 5.8.1
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
A Vulnerability in Ivanti Products Could Allow for Remote Code Execution
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution.
Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and integration with various security frameworks. Ivanti Policy Secure (IPS) is a Network Access Control (NAC) solution that provides network access only to authorized and secured users and devices, offering comprehensive NAC management, visibility, and monitoring to protect networks and sensitive data. Ivanti Neurons for Zero Trust Access (ZTA) Gateway is a component of Ivanti’s zero-trust network access solution.
Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
xz-5.8.1-1.fc40
FEDORA-2025-258ab1c008
Packages in this update:
xz-5.8.1-1.fc40
Update description:
New upstream version 5.8.1
xz-5.8.1-1.fc41
FEDORA-2025-fec4b37bc7
Packages in this update:
xz-5.8.1-1.fc41
Update description:
New upstream version 5.8.1
xz-5.8.1-1.fc42
FEDORA-2025-76264ecf04
Packages in this update:
xz-5.8.1-1.fc42
Update description:
New upstream version 5.8.1
USN-7414-1: XZ Utils vulnerability
Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded
xz decoder. If a user or automated system were tricked into processing an
xz file, a remote attacker could use this issue to cause XZ Utils to crash,
resulting in a denial of service, or possibly execute arbitrary code.