apk package
chainguard/linux-qemu-6.18-bootc-boot-installed
pkg:apk/chainguard/linux-qemu-6.18-bootc-boot-installed
Vulnerabilities (85)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-71074 | — | < 6.18.21-r0 | 6.18.21-r0 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, ending up with file->private_data pointing to freed object. There is a total count of opened files on functionfs (both ep0 and dy | ||
| CVE-2023-6240 | — | < 6.18.21-r0 | 6.18.21-r0 | Feb 4, 2024 | A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. | ||
| CVE-2022-4543 | — | < 6.18.21-r0 | 6.18.21-r0 | Jan 11, 2023 | A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. | ||
| CVE-2010-4563 | — | < 6.18.18-r0 | 6.18.18-r0 | Feb 2, 2012 | The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. | ||
| CVE-2008-4609 | — | < 6.18.18-r0 | 6.18.18-r0 | Oct 20, 2008 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate informatio |
- CVE-2025-71074Jan 13, 2026affected < 6.18.21-r0fixed 6.18.21-r0
In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, ending up with file->private_data pointing to freed object. There is a total count of opened files on functionfs (both ep0 and dy
- CVE-2023-6240Feb 4, 2024affected < 6.18.21-r0fixed 6.18.21-r0
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.
- CVE-2022-4543Jan 11, 2023affected < 6.18.21-r0fixed 6.18.21-r0
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
- CVE-2010-4563Feb 2, 2012affected < 6.18.18-r0fixed 6.18.18-r0
The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping.
- CVE-2008-4609Oct 20, 2008affected < 6.18.18-r0fixed 6.18.18-r0
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate informatio
Page 5 of 5