SUSE-SU-2025:4170-1 Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778...

SUSE-SU-2025:4161-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.17 fixes various security issues The following security issues were fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...

USN-7876-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

USN-7876-1 imagemagick vulnerabilities

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control C2 and red teaming framework known as Tuoni. "The campaign leveraged the emerging Tuoni C2 framework, a relatively new,...

Mozilla Firefox < 52.0.1

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-45025)

bitmap corruption on closerange with CLOSERANGEUNSHARE copyfdbitmaps. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504655; scriptversion"1.3";...

Mozilla Firefox ESR < 52.0.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerabilit...

Mozilla Firefox ESR < 52.0.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability disables...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21712)

md/md-bitmap: vulnerability caused by bitmapgetstats can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmapgetstats with bitmapinfo.mutex. This plugin only works with Tenable.ot. Please visit...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990828 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would...

kernel: powerpc/xive/spapr: correct bitmap allocation size

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm-bitmap allocation: BUG: KASAN: slab-out-of-bounds in findfirstzerobit+0x40/0x140 Read of size 8 at addr c00000001d1d0118 by task...

[SECURITY] Fedora 41 Update: fontforge-20230101-16.fc41

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

[SECURITY] Fedora 42 Update: qt5-qtimageformats-5.15.18-1.fc42

The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats, including: MNG, TGA,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990604 advisory. In the Linux kernel, the following vulnerability has been resolved: md/bitmap: don't set sb values if can't pass sanity check If bitmap area contains invalid data,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990488 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. When firstip is 0,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990638 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modifybitmap A system crash like this Failing address:...

md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb

...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988978)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988978 advisory. In the Linux kernel, the following vulnerability has been resolved: md/bitmap: don't set sb values if can't pass sanity check If bitmap area contains invalid data,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990333 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modifybitmap A system crash like this Failing address:...