USN-7769-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7776-1 linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7775-1: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7774-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7769-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7771-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7770-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims

Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going "dark." Threat intelligence firm ReliaQuest said it has observed indications that the threat actor ha...

CLSA-2025-1758034087 kernel: Fix of 24 CVEs

tls: always refresh the queue when reading sock CVE-2025-38471 - Bluetooth: hcicore: Fix use-after-free in vhciflush CVE-2025-38250 - i2c/designware: Fix an initialization issue CVE-2025-38380 - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds CVE-2025-38159 - mm/hugetlb:...

UBUNTU-CVE-2023-53279

In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

CVE-2023-53279 misc: vmw_balloon: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

CVE-2023-53279 misc: vmw_balloon: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

CVE-2023-53279

In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

VMware Spring Framework <= 5.3.44, 6.0.0 - 6.1.22, 6.2.0 - 6.2.10 Annotation Detection Vulnerability - Windows

The VMware Spring Framework is prone to an annotation detection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VMware Spring Framework <= 5.3.44, 6.0.0 - 6.1.22, 6.2.0 - 6.2.10 Annotation Detection Vulnerability - Linux

The VMware Spring Framework is prone to an annotation detection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Exploit for Use of Uninitialized Resource in Vmware Fusion

This is a VMware Escape Exploit, a proof-of-concept PoC exploit for CVE-2017-4905, targeting VMware WorkStation 12.5.5 and earlier versions. The exploit is designed to escape the VMware environment and execute arbitrary code on the host system. The exploit is written in C and uses a heap...

CVE-2025-58131

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Support...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and hi...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...