799 matches found
Security update for erlang26
This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage (bsc#1240390). CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH (bsc#1241300). Patch Instructions: To install this SUSE update use the SUSE recommende...
CVE-2025-38152
CVE-2025-38152 affects the Linux kernel remoteproc subsystem. The root cause is the rproc_shutdown path not clearing rproc->table_sz, which allows a memcpy of loaded_table from rproc->cached_table to use a NULL rproc->cached_table after stopping, causing a kernel crash. The issue is repo...
CVE-2025-38152 remoteproc: core: Clear table_sz when rproc_shutdown
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear table_sz when rproc_shutdown. There is case as below could trigger kernel dump: Use U-Boot to start remote processor (rproc) with resource table published to a fixed address by rproc. After Kernel boots up, stop...
CVE-2025-22121
CVE-2025-22121 – Linux kernel ext4 xattr check bypass (out-of-bounds read) What’s affected: Linux kernel ext4 filesystem code, specifically ext4_xattr_inode_dec_ref_all() and related xattr handling paths that can read beyond allocated buffers when inodes contain xattrs. What’s the issue: A read o...
CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32907
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a fu...
CVE-2025-32381
XGrammar (open-source library for structured generation) has a DoS in-memory cache vulnerability. Before version 0.1.18, an unbounded in-memory cache of compiled grammars can be filled by many unique inputs (e.g., numerous JSON schemas), exhausting host memory and causing denial of service. The i...
CVE-2025-27534
OpenHarmony v5.0.2 and prior versions allow a local attacker to cause a DoS through missing release of memory...
CVE-2023-52998
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use page_pool_put_full_page when freeing rx buffers. The page_pool_release_page was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
CVE-2023-52998 net: fec: Use page_pool_put_full_page when freeing rx buffers
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use page_pool_put_full_page when freeing rx buffers. The page_pool_release_page was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
CVE-2022-49754
CVE-2022-49754: Linux kernel Bluetooth mgmt_mesh_add() contains a buffer overflow risk in mgmt_util.c. Smatch indicates mesh_tx->param is 48 bytes while the destination can reach 50 bytes; caller rejects only when len > 50, creating a potential overflow window. Multiple connected sources co...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or...
USN-7367-1 zvbi vulnerabilities
It was discovered that zvbi incorrectly handled memory when processing user input. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
CVE-2024-7771
A vulnerability in the Dockerized version of mintplex-labs/anything-llm (latest, digest 1d9452da2b92) allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
SmallRye Fault Tolerance out-of-memory (OOM) issue
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
CVE-2025-2240
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
CVE-2025-2240 Smallrye-fault-tolerance: smallrye fault tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
CVE-2025-2240
CVE-2025-2240 is a Smallrye fault-tolerance OOM/DoS issue triggered by the metrics endpoint: each call allocates a new object in meterMap, potentially exhausting memory and causing DoS. Connected advisories confirm a fix is available in updated SmallRye Fault Tolerance core; remediation is to upg...
USN-7299-3 xorg-server, xwayland regression
USN-7299-2 fixed vulnerabilities in X.Org X Server. This fix caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update reverts it pending further investigation. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations...