OPENSUSE-SU-2025:20099-1 Security update for xwayland

This update for xwayland fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation bsc1251958. - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal bsc1251959. - CVE-2025-62231: Fixed value overflow in Xkb extension XkbSetCompatMap...

SUSE-SU-2025:21149-1 Security update for xwayland

This update for xwayland fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation bsc1251958. - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal bsc1251959. - CVE-2025-62231: Fixed value overflow in Xkb extension XkbSetCompatMap...

CLSA-2025-1764081820 xorg-x11-server-Xwayland: Fix of 3 CVEs

CVE-2025-62229: fix use-after-free caused by incorrect error cleanup in present notify handling - CVE-2025-62230: fix use-after-free caused by improper XKB resource cleanup - CVE-2025-62231: fix overflow caused by improper bounds checking in XkbSetCompatMap...

DEBIAN-CVE-2025-40211

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, freed by acpivideodevunregisterbacklight during device removal. If the work...

CVE-2025-40211 ACPI: video: Fix use-after-free in acpi_video_switch_brightness()

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, freed by acpivideodevunregisterbacklight during device removal. If the work...

EUVD-2025-177160

Malicious code in pipe-byte-spy-fork-notify npm...

EUVD-2025-177534

Malicious code in notify-simple-theta-monitor-web npm...

EUVD-2025-179589

Malicious code in container-tree-signal-notify-permission npm...

MAL-2025-185779 Malicious code in beta-enum-notify-view-stack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61bccf3f703fef5887b6554bcd18352453f796633476d23cc246ea564274a9c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177319

Malicious code in parse-array-slow-emulate-notify npm...

EUVD-2025-177532

Malicious code in notify-zero-abstract-old-dog npm...

EUVD-2025-178223

Malicious code in kappa-notify-web-encrypt-iota npm...

EUVD-2025-176301

Malicious code in socket-uglify-notify-assert-encrypt npm...

Malicious code in notify-simple-theta-monitor-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b423312ee55eae4b343bff813661d5a36f603668689ee6635047c8f5c07cf34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175448

Malicious code in yaml-notify-authorize-code-web npm...

EUVD-2025-175398

Malicious code in zeta-cold-notify-fire-easy npm...

EUVD-2025-175985

Malicious code in test-sudo-notify-meta-orchestrate npm...

EUVD-2025-175884

Malicious code in tree-awk-notify-beta-cloud npm...

EUVD-2025-175882

Malicious code in tree-notify-fire-resolve-scale npm...

EUVD-2025-175881

Malicious code in tree-notify-report-decrypt-scale npm...