CVE-2025-53070

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successf...

CVE-2025-53070

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successf...

EUVD-2025-35264

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successf...

Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

EUVD-2022-54865

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4...

EUVD-2022-55006

In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe ndpmem && modprobe -r ndpmem 10.060014 BUG daxcache Not tainted: Objects remaining in daxcache on kmemcacheshutdown...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987666 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journalhead from bufferhead Encountered a ra...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987694 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987647 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987619 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of userdlmdestroylock When userdlmdestroylock failed, it didn't...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03628-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03628-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987587)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987587 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate -...

PT-2025-46755

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ext4 filesystem implementation within the Linux kernel. Specifically, the parse apply sb mount options function may experience a buffer over-read due to insufficient...

vite allows server.fs.deny bypass via backslash on Windows

Summary Files denied by server.fs.deny were sent if the URL ended with \ when the dev server is running on Windows. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - running the de...

CVE-2025-40004

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...

CVE-2025-40004 net/9p: Fix buffer overflow in USB transport layer

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...

CVE-2025-40004 net/9p: Fix buffer overflow in USB transport layer

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix clien...

SUSE-SU-2025:03628-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent...

Arbitrary File Read

xml2rfc is vulnerable to Arbitrary file read. The vulnerability is due to improper input sanitization when generating PDF files, which allows an attacker to inject a malicious link element into the prepped RFCXML and read arbitrary files from the filesystem...