Enterpriselinux

By the Year

In 2026 there have been 0 vulnerabilities in Enterpriselinux. Last year, in 2025 Enterpriselinux had 6 security vulnerabilities published. Right now, Enterpriselinux is on track to have less security vulnerabilities in 2026 than it did last year.

Recent Enterpriselinux Security Vulnerabilities

CVE	Date	Vulnerability	Products
CVE-2025-9784	Sep 02, 2025	Undertow DoS via MadeYouReset Server-Reset Abuse A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).	8 9
CVE-2025-8941	Aug 13, 2025	Linux-PAM pam_namespace LPE via Symlink Race A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.	8 9
CVE-2025-7425	Jul 10, 2025	libxslt Heap Corruption via atype Flag Manipulation A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.	8 9 10 And others...
CVE-2025-6020	Jun 17, 2025	PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.	8 9
CVE-2025-6021	Jun 12, 2025	Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021) A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.	10 0 8 9 And others...
CVE-2025-5914	Jun 09, 2025	Integer Overflow in libarchive RAR Reader Causes Double-Free A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.	10 0 8 9 And others...