Incomplete Cleanup

Overview Affected versions of this package are vulnerable to Incomplete Cleanup due to the improper cleanup of the streams map. An attacker can cause unbounded memory consumption by repeatedly creating and closing a large number of streams, leading to resource exhaustion. Remediation Upgrade...

GHSA-2F2X-8MWP-P2GC webtransport-go: Memory Exhaustion Attack due to Missing Cleanup of Streams Map

Summary An attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. Details webtransport-go maintains an internal map tracking...

webtransport-go: Memory Exhaustion Attack due to Missing Cleanup of Streams Map

Summary An attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. Details webtransport-go maintains an internal map tracking...

SUSE-SU-2026:0471-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. - CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. - CVE-2025-68284: libceph:...

Arbitrary Code Execution

SandboxJS is vulnerable to Arbitrary Code Execution. The vulnerability is due to exposing Map in SAFEPROTOTYPES, where Map.prototype can be accessed and its has method overwritten from within the sandbox, allowing attackers to alter host behavior and escape the sandbox restrictions...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2026:0445-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0445-1 advisory. - CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: -...

AlmaLinux 9 : image-builder (ALSA-2026:1377)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:1377 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

PT-2026-7870

Name of the Vulnerable Software and Affected Versions webtransport-go versions prior to 0.10.0 Description An attacker can cause unbounded memory consumption by repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

OPENSUSE-SU-2026:20198-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation bsc1251958. - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal bsc1251959. - CVE-2025-62231: Fixed value overflow in Xkb extension...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

UBUNTU-CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

UBUNTU-CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

CVE-2025-0012

CVE-2025-0012 describes a vulnerability in AMD platforms (notably AMD EPYC/EPYC Embedded) where improper handling of overlap between the segmented reverse map table (RMP) and System Management Mode (SMM) memory could allow a privileged attacker to corrupt or partially infer SMM memory, leading to...

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...