317 matches found
AZL-74736 CVE-2025-39835 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...
UBUNTU-CVE-2025-39835
In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...
CVE-2025-39835 xfs: do not propagate ENODATA disk errors into xattr code
In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...
GHSA-W765-JM6W-4HHJ Webrecorder packages are vulnerable to XSS through 404 error handling logic
A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly embedded into an inline block without sanitization or escaping. This allows an attacker to craft ...
SUSE CVE-2025-39675
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
Cross-site Scripting (XSS)
Overview @webrecorder/wabac is a service worker based web archive replay Affected versions of this package are vulnerable to Cross-site Scripting XSS via the 404 error handling process. An attacker can execute arbitrary JavaScript in the victim's browser by crafting a malicious URL that injects...
AZL-67010 CVE-2025-39675 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
CVE-2025-39675
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
DEBIAN-CVE-2025-39675
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
UBUNTU-CVE-2025-39675
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
CVE-2025-39675 drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
CVE-2025-39675 drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...
CVE-2025-39675
CVE-2025-39675 affects the Linux kernel DRM/AMD display path. In mod_hdcp_hdcp1_create_session(), get_first_active_display() may return NULL when the display list is empty, causing a NULL pointer dereference. The fix adds a NULL pointer check and returns MOD_HDCP_STATUS_DISPLAY_NOT_FOUND. This mi...
Security update for cloud-init
This update for cloud-init fixes the following issues: Update to version 25.1.3: CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. Fixed cloud-init --debug status bsc1228414. Using...
SUSE CVE-2025-40779
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
CVE-2025-38590 net/mlx5e: Remove skb secpath if xfrm state is not found
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed by the time of this...
Linux Distros Unpatched Vulnerability : CVE-2025-38362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does n...
kernel: powerpc: Fix access beyond end of drmem array
A flaw was found in the Linux kernel, specifically affecting the PowerPC architecture's pseries memory hotplug functionality. The issue arises from the dlparmemoryremovebyindex function, which may access memory beyond the bounds of the drmem logical memory block LMB array when it fails to find a...
SUSE CVE-2025-38362
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...