21 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth instead of bitwidth for system memory accesses To comply with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be relied upon to always be at a clean 8-bit boundary. This issue was discovere...
Security update for erlang26
This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...
Fedora 42 : openttd (2026-216041a3e7)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-216041a3e7 advisory. 15.x 15.1 2026-01-24 - Fix 15088: When building a new train, the refit button state may be incorrect 15162 - Fix 15160: Incorrect company names displayed in...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
PT-2025-49658
In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtool link ksettings' is not initialized in this path,...
Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35915)
nfc: nci: Fix uninit-value in ncidevup and ncintfpacket This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503499; scriptversion"1.2";...
SUSE-SU-2025:02848-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. - CVE-2023-2176: Fixed an out-of-boundary read in comparenetdevandip in drivers/infiniband/core/cma.c in RDM...
Linux Distros Unpatched Vulnerability : CVE-2021-47029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning...
CVE-2022-50004
CVE-2022-50004 is a Linux kernel vulnerability in the xfrm policy path. A null pointer dereference can occur when transmitting an skb with metadata_dst where dst->dev is NULL, through the xfrm interface, due to a missing null check in xfrmi_xmit/xfrm_lookup_with_ifid. The impact is kernel cras...
CVE-2022-50004 xfrm: policy: fix metadata dst->dev xmit null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e. dst-dev == NULL through xfrm interface we can hit a null pointer dereference1 in xfrmixmit2 -...
CVE-2025-47277 vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
vLLM, an inference and serving engine for large language models LLMs, has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the PyNcclPipe KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of...
SUSE CVE-2025-37758
In the Linux kernel, the following vulnerability has been resolved: ata: patapxa: Fix potential NULL pointer dereference in pxaataprobe devmioremap returns NULL on error. Currently, pxaataprobe does not check for this case, which can result in a NULL pointer dereference. Add NULL check after...
DEBIAN-CVE-2022-49160
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the following stack during a...
SUSE-SU-2025:20047-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. - CVE-2023-52581: netfilter: nftables: fix memleak when more than 255...
CVE-2021-47029
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76connacmcuuniadddev routine. 507.984882 ------------ cut here ------------ 507.989515 WARNING: CPU: 1 PID...
OPENSUSE-SU-2023:0352-1 Security update for virtualbox
This update for virtualbox fixes the following issues: - Version bump to VirtualBox 7.0.12 released October 17 2023 by Oracle Fixes the following: - CVE-2023-22098 boo1216363 - CVE-2023-22099 boo1216364 - CVE-2023-22100 boo1216365 This is a maintenance release. The following items were fixed and/...
CLSA-2023-1682712108 kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...
SUSE-SU-2023:1830-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: spacewalk-java: - Version 4.3.52-1 Add more restricted arguments to prevent HTTP API logging sensitive data bsc1209386, bsc1209395 spacewalk-web: - Version 4.3.29-1 Fix datepicker appearing behind modal edge bsc1209703 Fix datepicker layout shift on Highsta...
kernel: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing CPC data If the NumEntries field in the CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then...
OPENSUSE-SU-2020:1829-1 Security update for chromium, gn
This update for chromium, gn fixes the following issues: chromium was updated to 86.0.4240.183 boo1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007:...