[SECURITY] Fedora 41 Update: rust-collection_literals-1.0.3-1.fc41

Easy-to-use macros for initializing any collection...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly initialize a work queue in the hi311x driver, which could lead to null pointer...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the issue where uninitialized values were used in the extentinfo structure during the isextentmergeable and isbackmergeable functions, through the read extent tree path. The root cause of the issue is that the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: mwifiex: The chanstats array is initialized to zero. The adapter-chanstats array is initialized in mwifiexinitchannelscangap using vmalloc, which does not zero out the memory. The array is filled in during...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated. In the case of an ibfastregmr allocation failure during iSER setup, the system may encounter a panic because iscsiconn-dddata is initialized unconditionally...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The ice function contains a bug where a NULL pointer dereference is possible when accessing tx-inuse. Recent versions of the E810 firmware support an additional interrupt to handle reports of “low latency” Tx timestamps from the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Comedi: Fixed the initialization of data for instructions that write to sub-devices. It is known that some Comedi sub-device instruction handlers access data elements beyond the first insn-n elements in some cases. The doinsnioct...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsd4sscexpireumount through nfs4laundromat. If nfsd4ssc is not initialized, this can lead to a NULL pointer...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: cleared the initialized flag for deinitialized srng lists In several cases, we observe kernel panics upon resuming operations due to ath11k kernel page faults. These incidents occur under the following circumstances...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Added resctrlcpudetect to the bspinit helper. Since 923f3a2b48bd “x86/resctrl: Query LLC monitoring properties once during boot”, resctrlcpudetect has been moved from the common CPU initialization code to the...

CVE-2025-11906

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

KVM: arm64: Prevent access to vCPU events before init

...

ALSA: hda: Fix missing pointer check in hda_component_manager_init function

...

EUVD-2023-60047

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40102

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

F5 Networks F5OS-A FIPS HSM Password Initialization (K000154661)

The version of F5 Networks F5OS-A installed on the remote host is affected by a vulnerability as referenced in the K000154661 advisory. - When a user attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, the FIPS hardware security module HSM may fail t...

EUVD-2025-36976

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

AZL-69412 CVE-2025-40102 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

UBUNTU-CVE-2025-40102

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

CVE-2025-40102 KVM: arm64: Prevent access to vCPU events before init

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...