USN-7922-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

USN-7922-3 linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

USN-7928-4: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

USN-7928-4 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

CVE-2025-68279 Weblate has an arbitrary file read via symbolic links

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue...

Weblate has an arbitrary file read via symbolic links

Impact It was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Resources Thanks to Jason Marcello for responsible disclosure...

CVE-2025-68382

Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC messages...

CVE-2025-68382

Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC messages...

CVE-2025-68382 Packetbeat Out-of-bounds Read

Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC messages...

CVE-2025-68382 Packetbeat Out-of-bounds Read

Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC messages...

Packetbeat 8.19.9, 9.1.9, and 9.2.3 Security Update (ESA-2025-31)

Packetbeat Out-of-bounds Read ESA-2025-31 Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC message...

SUSE CVE-2025-68299

In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...

Elastic Packetbeat 安全漏洞

Elastic Packetbeat is a data collector from the Dutch company Elastic. A security vulnerability exists in Elastic Packetbeat that stems from an out-of-bounds read in the NFS protocol parser, which could lead to a denial of service...

USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

kernel: NFSD: Protect against send buffer overflow in NFSv2 READ

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This...

SUSE CVE-2025-40361

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...