SUSE SLES15 / openSUSE 15 : Recommended update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (SUSE-SU-2025:02555-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02555-1 advisory. - Revert commits adding zero block detection feature in 1.4.1 bsc1244548 - rebuild with current GO compiler. Tenable has...

Recommended update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestf

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Revert...

RockyLinux 8 : java-21-openjdk (RLSA-2025:3855)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:3855 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-3069...

RockyLinux 8 : java-1.8.0-openjdk (RLSA-2025:3845)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:3845 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-3069...

RLSA-2025:3852 Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698...

java-21-openjdk security update

An update is available for java-21-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environme...

RLSA-2025:3845 Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-3069...

RLSA-2025:3855 Moderate: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698 For...

[SECURITY] Fedora 41 Update: pypy-7.3.20-2.fc41

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

ROS-20250718-01

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect optimization, where JIT compilation created incorrect code in certain cases. optimization, in which JIT-compilation in certain cases created incorrect code for arguments. arguments. Exploitation...

Architectural Backdoors in Deep Learning: a Survey of Vulnerabilities, Detection, and Defense

Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural backdoors evade standard mitigation techniques and persist...

UBUNTU-CVE-2025-30752

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

FreeBSD : liboqs -- Secret-dependent branching in HQC (aeac223e-60e1-11f0-8baa-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the aeac223e-60e1-11f0-8baa-8447094a420f advisory. The OpenQuantumSafe project reports: Secret-dependent branching in HQC reference implementation when...

CVE-2024-31852 affecting package compiler-rt for versions less than 18.1.2-2

CVE-2024-31852 affecting package compiler-rt for versions less than 18.1.2-2. A patched version of the package is available...

CLSA-2025-1751913683 Fix CVE(s): CVE-2025-21587, CVE-2025-30691, CVE-2025-30698

OpenJDK 11.0.27 release, build 6. - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-April/043306.html...

webkitgtk: javascriptcore: processing maliciously crafted web content may lead to arbitrary code execution

A vulnerability was discovered in WebKitGTK's JIT compiler. Processing maliciously crafted web content may lead to arbitrary code execution...

SUSE CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

Compiler Optimization Removal or Modification of Security-critical Code

Overview Affected versions of this package are vulnerable to Compiler Optimization Removal or Modification of Security-critical Code due to a race condition in AESNI detection when certain compiler optimizations are applied. An attacker can extract sensitive cryptographic keys or perform...

DEBIAN-CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

RVISmith: Fuzzing Compilers for RVV Intrinsics

Modern processors are equipped with single instruction multiple data SIMD instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to insufficient information available at compile time, requiring...