USN-7672-1 openjdk-17-crac vulnerabilities
It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE...
CVE-2025-38445
In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape. In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack memory usage issue after a reshape operation, which could cause the kernel to crash...
USN-7667-1 openjdk-8 vulnerabilities
It was discovered that the 2D component of OpenJDK 8 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE compone...
UBUNTU-CVE-2025-53538
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-53538
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
SUSE-SU-2025:02347-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. - CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. - CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer...
CVE-2025-48795
Apache CXF contains a memory-pressure vulnerability where large stream-based messages stored as temporary files are fully read into memory and logged, enabling potential DoS via out-of-memory when logs are written unencrypted. Fixes are available in CXF versions 3.5.11, 3.6.6, 4.0.7, and 4.1.1, w...
Azure Linux 3.0 Security Update: coredns (CVE-2025-47950)
The version of coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47950 advisory. - CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS)...
CVE-2025-53020
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...
CVE-2025-38321 smb: Log an error when close_all_cached_dirs fails
In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails. Under low-memory conditions, close_all_cached_dirs can't move the dentries to a separate list to dput them once the locks are dropped. This will result in a "Dentry still in use" error...
CVE-2025-21466 Use After Free in Display
Memory corruption while processing a private escape command in an event trigger...
CVE-2025-20983
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...
UBUNTU-CVE-2025-6712
MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory...
CVE-2025-6712
MongoDB Server (MongoDB Server v8.0.x prior to 8.0.10) is affected by a DoS risk due to high memory usage. The issue stems from inefficient memory management in internal operations, where certain internal processes persisting longer than expected can cause memory consumption to spike, potentially...
CVE-2025-38116
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init. When the execution of ath12k_core_hw_group_assign or ath12k_core_hw_group_create fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...
CVE-2025-49763
CVE-2025-49763 affects Apache Traffic Server via the ESI plugin. The vulnerability arises when ESI requests stack with no limit on inclusion depth, allowing memory exhaustion and potential DoS on ATS nodes. Affected versions are ATS 10.0.0–10.0.5 and 9.0.0–9.2.10. Remediation is to upgrade to 9.2...