SUSE-SU-2025:20982-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 - CVE-2025-38618: vsock: Do not allow binding to...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989129)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989129 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several...

CVE-2025-59596

CVE-2025-59596 is a denial-of-service vulnerability in the Secure Access Windows client, affecting versions 12.0–14.10. When a local networking policy is active, a crafted packet sent from an adjacent network may cause the client to crash. The vulnerability is addressed in version 14.12. The CVSS...

Oracle Linux 8 : kernel (ELSA-2025-19447)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19447 advisory. - smb3: missing lock when picking channel Paulo Alcantara RHEL-109546 CVE-2024-35999 - smb: client: fix potential deadlock when reconnecting channels...

CLSA-2025-1762181347 containernetworking-plugins: Fix of CVE-2023-24540

rebuild with newer golang to fix CVE-2023-24540 sanitize templates with whitespace outside the allowed character set in JavaScript contexts...

FreeBSD : Firefox -- Information disclosure in the Networking: Cache component (ea017037-b808-11f0-8016-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea017037-b808-11f0-8016-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1981502 reports: Information disclosure in the Networking:...

[SECURITY] Fedora 43 Update: qt5-qtbase-5.15.17-6.fc43

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iouring/net: Commit partial buffers during retries. Ring-provided buffers are potentially only valid within the single execution context in which they were acquired. iouring handles this by invalidating such buffers during retrie...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7853-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7853-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7853-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1: Linux kernel (KVM) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7854-1 linux-kvm vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-12309

A weakness has been identified in code-projects Nero Social Networking Site 1.0. This affects an unknown part of the file /friendprofile.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to t...

Linux Distros Unpatched Vulnerability : CVE-2025-40064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0...

Fedora: Security Advisory (FEDORA-2025-f4d64845aa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...